Reuse a generated token

Noob here and trying to understand how to use a generated token for multiple project.

After the value is generated it is associate with a defined name. However when creating additional project the generated value is required, not the defined name. To this point I have found no way within the UI to retrieve the generated value for a previously named token.

I can see where named tokens may be deleted, the value may not be viewed. It seems that the only way to keep this information is to record it externally when first generated. Is this the usual practice or it is better to generate a new token for every project?

Hi,

Welcome to the community!

That’s by design.

Even though the new project wizard has you create a new token for each project, that’s mainly for convenience. The idea is that most people with more than one project will have a CI system (e.g. Jenkins). In that system they’ll have some global data about SonarQube configured, such as the URL and… the token value of a user with analysis permissions.

Then for each new project, you simply configure your CI to analyze it. Analysis automatically uses that token, and there you go.

So… that’s how to set it up on an industrial scale. On the other hand if you want to be a little paranoid about it (and who doesn’t love a little paranoia on a Monday? :smile:), you do generate a new token for each project. Then if you ever realize that a token is being misused, you can granularly revoke only that token and disrupt analysis for a single project rather than for everything in your organization.

 
HTH,
Ann

Even if you store them in Jenkins they’re secure so if you want to then reuse them elsewhere you still don’t know what the value is.

We store all our tokens for all our products in a secure password store (we use Password Safe). This allows us to retrieve the value later if we need to use it in another system.