Thanks!
You can configure a Read-only token (we don’t check the permissions in SonarQube v9.9), but you won’t be able to decorate pull requests in Azure DevOps, a key feature of Developer Edition. We can’t decorate pull requests with a read-only token because… commenting on a pull-request isn’t a read-only action. It is a write action.