Pull request personal access token not working

I have a DevOps project/repository that has a Build Validation pipeline that is used for pull requests (PR), along side this build validation is a SonarCloud quality gate status check.

In the SonarCloud project the Pull Request settings for the Provider has been set to Azure DevOps Services and a personal access token (PAT) set.

This project setup has been working where the quality gate and comments have been successfully working as expected, however this week the SonarCloud quality gate has now failed to recognise the SonarCloud analysis has been performed and no comments are added to the PR when they should have been.

image

The PAT has been checked and is set to Code R/W access and is valid into 2025. I have also performed a test and it can gained access to our DevOps organisation. This PAT has successfully been used in SonarCloud on many projects, but has suddenly stopped working.

I temporarily created another PAT with the same access and set the SonarCloud settings, this PAT works as expected.

I would prefer not to replace the original PAT as it is used in over 100 SonarCloud projects and it is also used elsewhere unrelated to SonarCloud.

Is there any reason why a PAT would become invalid in SonarCloud, but is a valid PAT?

Hey there.

This is a common issue with PATs where the account hasn’t been logged into for 30 days.

A: PAT authentication requires you to regularly sign into Azure DevOps using the full authentication flow. Once every 30 days is sufficient for many, but you may need to sign in more often than that depending upon your Microsoft Entra configuration. If your PAT stops working, first try signing into your organization, ensuring that you go through the full authentication prompt. If your PAT still doesn’t work after that, check to see if your PAT has expired.

Is that a possibility here?

We have logged in today with this user to check the expiration date of the PAT before this post was created, but this PAT still doesn’t work on SonarCloud. It is marked as expiring in 2025. I will check the full sign in pattern for this generic user, but I performed a rest-api access query test and it successfully returned all the projects for the organisation.

I’ve sent you a private message for some additional details.