OAuth specifications

  • CI system used: Azure DevOps

Hello :wave:

We are trying to test SonarCloud with Microsoft Azure DevOps using OAuth and our security department would be interested in knowing some more details about the OAuth API permissions: which ones are requested and what type of perm is each (Application vs Delegated)?

I couldn’t find specifics here (https://docs.sonarcloud.io/appendices/security-statement/#authentication)

Thanks a lot in advance!

Hi,

Welcome to the community!

Is this what you’re looking for?

 
Ann

Hi Ann!

Thanks a lot for your reply.

I would like to log in using Azure DevOps so it would be easier to move through the configurations. The problem is, I don’t have an admin account and our admins need to understand how the OAuth API permissions are requested in this process. This is more of an OAuth specs question. Of course I can log in, e.g., with GitHub, but this is not gonna show me the repos on Azure.

Thank you!


Hi @minnocci-bcgdv

We are using:

  • ID tokens
  • Both personal and organization accounts are supported: we use the multitenant endpoint
  • We need permissions on MS Graph (User.read / Delegated) and AAD Graph (User.Read / Delegated as well)

Hope that clarifies.

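An added example, not part of the thread and not SonarCloud code: one way an admin could check whether an access token issued to an app carries delegated or application permissions. It assumes the Microsoft identity platform convention that delegated scopes appear in the `scp` claim and application permissions in the `roles` claim of an app-only token; the tokens are constructed, unsigned samples, and `classify` and `make_sample` are hypothetical helper names.

```python
import base64
import json

# Well-known resource identifiers that appear in a token's "aud" claim.
RESOURCES = {
    "00000003-0000-0000-c000-000000000000": "Microsoft Graph",
    "https://graph.microsoft.com": "Microsoft Graph",
    "00000002-0000-0000-c000-000000000000": "Azure AD Graph",
    "https://graph.windows.net": "Azure AD Graph",
}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_payload(jwt: str) -> dict:
    """Decode the claims segment WITHOUT verifying the signature (audit use only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))

def classify(jwt: str) -> dict:
    """Report the target resource, the permission type and the permission names."""
    claims = decode_payload(jwt)
    aud = str(claims.get("aud", "")).rstrip("/").lower()
    scopes = sorted(claims.get("scp", "").split())
    roles = sorted(claims.get("roles", []))
    if scopes:                      # a user is present: delegated permissions
        kind, perms = "Delegated", scopes
    elif roles:                     # no user context: application permissions
        kind, perms = "Application", roles
    else:
        kind, perms = "None", []
    return {"resource": RESOURCES.get(aud, aud), "type": kind, "permissions": perms}

def make_sample(claims: dict) -> str:
    """Build a constructed, unsigned token so the example runs offline."""
    header = b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}.sig"

# Constructed samples: a delegated token and, for contrast, an app-only token.
DELEGATED = make_sample({"aud": "00000003-0000-0000-c000-000000000000",
                         "scp": "User.Read"})
APP_ONLY = make_sample({"aud": "https://graph.microsoft.com",
                        "roles": ["User.Read.All"]})

if __name__ == "__main__":
    for token in (DELEGATED, APP_ONLY):
        print(classify(token))
```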

Will pass it over, thanks a lot!!!
