Login to SonarCloud using GitHub fails

Steps to reproduce:

  1. Go to https://sonarcloud.io/
  2. Click on “Log in” – which takes me to https://sonarcloud.io/sessions/new
  3. Click on “With GitHub” – which takes me to Sign in to GitHub · GitHub
  4. ( Log in to GitHub if not done yet. )
  5. ( When asked by GitHub, authorize SonarCloud. )

Expected result:

  1. After the steps I see my favorite SonarCloud projects.

Actual result:

  1. Instead, I am redirected to https://sonarcloud.io/sessions/unauthorized showing the message “You’re not authorized to access this page.”

Already I’ve tried logging out from GitHub and logging back in. And also I’ve tried re-authorizing SonarCloud in GitHub.

My GitHub handle is: znerd.

1 Like

I’m having the same issue, my GitHub handle is jjasghar.

This started yesterday. I’ve also logged out and tried incognito mode in multiple browsers.

I was/am an owner of my namespace on GitHub, and an admin in SonarCloud.

I’m Admin on the same jjasghar org and I’m able to see him with Admin privileges in the “Organisation - Members” panel but he does not appear in the “Organization - Administration - Permissions” panel.

1 Like

Last night I received an email from GitHub saying:

We’re writing to let you know that between 2022-02-25 18:28 UTC and 2022-03-02 20:47 UTC, due to a bug, GitHub Apps were able to generate new scoped installation tokens with elevated permissions. You are an owner of an organization on GitHub with GitHub Apps installed that generated at least one new token during this time period. While we do not have evidence that this bug was maliciously exploited, with our available data, we are not able to determine if a token was generated with elevated permissions.

This may or may not be related. Perhaps GitHub changed something on their end (either specifically for affected accounts, or in general) that affects the SonarCloud integration?

Hello everyone!

Does the problem still persists? Are you able to go back to sonarcloud.io and see the projects even if you are redirected to “unauthorized” page or you see again the login page?

@znerd did you try to log in using private mode in the browser?

I’m Admin on the same jjasghar org and I’m able to see him with Admin privileges in the “Organisation - Members” panel but he does not appear in the “Organization - Administration - Permissions” panel.

@SMartorelli and @jjasghar, I will reach out to you in the private thread to gather information about organization key and more details if needed.

This may or may not be related. Perhaps GitHub changed something on their end (either specifically for affected accounts, or in general) that affects the SonarCloud integration?

I will reach out to you in the private thread to get your GitHub login.

Best,
Marcin

Thanks and my GitHub login is jjasghar, and I tested again, and the redirect to “unauthorized” happened again.

https://sonarcloud.io/sessions/unauthorized

Yes, the problem persists. And yes, I tried using “Private Browsing” in the browser, and re-login to GitHub and then SonarCloud, but still I am told I’m not authorized.

Also, when attempting to visit a SonarCloud project via a direct URL, it says the project is not found:
Screen Shot 2022-06-17 at 17.38.08

Still unable to access SonarCloud.

Tried it again just now; first using normal browser, then using Incognito Window.

@znerd

Can you check on your GitHub account if you have verified primary email address? And if not, can you add one?

Best,
Marcin

Indeed my primary email address in GitHub was not verified. I verified it, and now I am able to log in to SonarCloud: issue resolved.

Thanks for the support Marcin!