We are removing the sonar.login property from SonarQube Cloud scanners. This property was deprecated in July 2023 Community announcement on deprecation in favor of sonar.token, and no removal date was communicated at the time. We are now setting a firm date.
Key dates:
- July 17, 2023: sonar.login was deprecated. Users passing this property started receiving in-product warnings.
- June 11, 2026: sonar.login is fully removed from SonarQube Cloud. Analyses relying on this property will fail to authenticate.
How to know if you are impacted by this change?
- YOU ARE impacted if your scanner configuration includes sonar.login whether passed via CLI argument, properties file, or CI environment variable.
- You are NOT impacted if you are already authenticating with sonar.token. No action is needed.
How to detect if you are using sonar.login?
Check for the property in the following places:
- Your sonar-project.properties file
- Your CI pipeline configuration (e.g., -Dsonar.login=… in a scan step)
- Any environment variable named SONAR_LOGIN passed to the scanner
If you’ve been seeing a deprecation warning about the use of ‘sonar.login’ in your scanner logs, you are affected.
Steps you must take:
Replace sonar.login with sonar.token. Our documentation covers everything you need: how to generate a token and how to pass it to the scanner.
See: Managing Personal Access Tokens
We understand this may cause some inconvenience and are committed to making this transition as smooth as possible. Don’t hesitate to ask if you have any questions.
P.S. Do you have feedback or questions about your analysis configuration experience? Book a call with me (a Product Manager) or message me directly in the community.