PR Decoration using org level token

For the Pull Request decoration it asks for a provider and a Token. Is it possible to use the top level token (that connect sonar cloud to Azure Dev Ops) without specifying it in the individual project settings?

The token expires yearly and will be a administrative effort to find and replace on all projects.

Hi @Benjamin_Mullaney,

If your organization is bound to Azure, all the projects that are bound will benefit from the token set in the organization-level setting. You know that your org/project is bound when you see the Azure logo, next to the name in SonarCloud UI.

If your projects are not bound (manually created, not imported from Azure), there is no way to set the general token that projects could benefit from but binding the unbound projects or enabling migration from unbound to bound is on our roadmap.

Let me know if you have more questions.


@Marcin_Majewski we have tried once again with no token set and it isn’t decorating. As soon as the token is entered we have decoration!

The Repo’s are pushed to sonar cloud using the Sonarcloud tasks in Azure Devops as below:

you mentioned “You know that your org/project is bound when you see the Azure logo, next to the name in SonarCloud UI.”

I can see this on****/projects?sort=-analysis_date

But nothing in particular is shown on the projects themselves.


Hey @Benjamin_Mullaney,

I took a look and we can say for sure:

  • your organization is bound to Azure DevOps
  • your projects are created manually - not imported and selected from the list from Azure but created manually

The second point makes it impossible to use only org level token. Binding unbound projects is on our roadmap and after it is delivered you will not have to update the tokenes separately. If you do not care about the history, you can delete the project and reimport it recommended way (through “+” icon and select from Azure).

Marcin Majewski

1 Like

I tested creating the project first then pushing the analysis in the pipeline to that project instance and can see the “azure binding” that was missing on other projects and can confirm the PR decorations work without setting a token :slight_smile:

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.