Non personal tokens

Hi,

I want to use SonarCloud with the Jenkins Sonar Scanner to analyse the test coverage results. I understand that I need a token to authenticate with Sonar and that I can generate a token as explained in the documentation.

However, we would like to generate a token which is not bounded to a personal account. This way we want to prevent that the authentication breaks when an employee no longer works for the company and his account will be removed.

Is it possible to create non personal tokens? Can I generate a token which can be used by an entire organisation for example?

Thanks,

Jan

Hi @janverhoeckx , welcome to the community forum!

Tokens are always linked to an account, but it does not have to be an account of some real employee.
You can create a technical account on your ALM, managed by a group of people in your organization.
Then, you can log in on SonarCloud with that account to create it on the SonarCloud side, give it the required permissions on your organizations and projects, and generate tokens associated with the technical account.

Hi Claire, Thank you for your reply.

This sounds like a workable solution. However, our organisation is synchronizing users with GitHub. The documentation states that it’s not possible to manually add or remove a member when synchronization is activated. Is it possible to create a technical account when we are managing members in GitHub?

Yes, you have to create the tech account on GitHub, and then log in to create in on SonarCloud.
After having logged once on Sonarcloud with the tech account, you add it as a member of the GitHub organization, and then the synchronization of members will add it on SonarCloud too.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.