Maven: does the project key need to match the project maven coordinates?

Hello,

We are running into this issue with the latest version of the sonar maven plugin (5.2.0.4988), and to work around this, we would like to update the sonar project key to not match the submodule maven coordinates (e.g. com.example.group:example-artifact), by adding a prefix to the project key, e.g. mygithuborg_com.example.group:example-artifact.

However, the SonarQube Cloud UI seems to suggest that the project key should match the maven coordinates format:

Your project key is a unique identifier for your project. If you are using Maven, make sure the key matches the “groupId:artifactId” format.

Is this a hard requirement, or can we use an arbitrary project key with maven, as long as it adheres to the basic requirements?

When scanning, we pass the project key on the command line like so: -Dsonar.projectKey=…

Thanks,
Jukka

Hey @jpalomaki

It’s not a hard requirement! In fact, on both SonarQube Server and SonarQube Cloud a user-selected key is the default in the analysis tutorial.

mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=colin-sonarsource-2_python-dup-demo

I can’t spot this in the UI, can you share a screenshot?

Thanks for the prompt response. Understood.

Here’s a screenshot of how the tooltip looks like in the “Update Key” UI.

Screenshot 2025-09-17 at 11.46.09764×163 14.3 KB

Consider adjusting that tooltip text, to not imply that its a hard requirement.

Cheers,
Jukka

I’ll pass that along. I think this is just some text that has carried over from verrrrrry old days of SonarQube.

PR merged to update the tooltip. Should be deployed soon if it hasn’t been already. Thanks!