Queries on Scoped Organization Token, Update Notifications, and Pipeline Authentication Issues

• Issue Description:

1. We have observed that we are not receiving prior notifications via email regarding updates, releases, or patches for SonarQube Cloud. For instance, the recent release of the Scoped Organization Token (SOT) was introduced, but we were unaware of this update beforehand. Is there a way to configure notifications to receive advance intimation about all upcoming updates?
2. We would like to understand if the Scoped Organization Token (SOT) can be leveraged for our organization. We noticed some discussions in the forum indicating that SOT may not fully replace Personal Access Tokens (PAT) in all scenarios. Could you provide clarity on this?
3. This morning, all our pipelines failed due to an authentication issue. We would like to confirm if this issue has been resolved and if there are any steps we need to take on our end to prevent such occurrences in the future.
4. 

   image277×509 39.8 KB

• Steps to Reproduce: NA

• SonarCloud Plan: Enterprise Plan (Paid)

• Environment Details: Azure DevOps

Hi,

Yes, we had an outage. It’s been fixed. It was unrelated to Scoped Organization Tokens and you should be back online now.

That’s not currently part of our communication strategy. I’ll raise that internally.

SOTs should work for analysis. This is what they’re intended for. If you’re performing administrative actions via scripted API calls or something like that, then you’ll still need a PAT from an administrator.

 
HTH,
Ann

Thank you Ann for your quick support!

Hi Ann,

Regarding notifications issue raised earlier, did you get a chance to raise it to internal team?

Hi,

I’ve raised it. Unfortunately, I don’t have an update for you.

 
Ann

Hello @akumbhar,
What I can suggest regarding notifications is for you to vote on the features that you’re interested in on our public roadmap

Best,

Nour