Sonar Cloud Azure DevOps Authentication with Service Principal

I am interested to know whether there are initiatives to integrate azure service principal/managed identity authentication mechanism instead of PAT token for sonar cloud projects.

The same question was asked around 2022, but Azure DevOps had no support for this back then.

Just recently, [Microsoft announced that this feature has been implemented and is the recommended way of authentication]( Use service principals & managed identities - Azure DevOps | Microsoft Learn)

2 Likes

Hello Mehrdad,

Thank you for your insight.

We are aware of the Microsoft recommendation to use Azure Service Principals instead of Azure Personal Access Tokens. It is something we would like to implement not only for Azure but also for the other devOps if the functionality is available. However, this is not yet part of the roadmap. We will update our roadmap page accordingly once this is planned. Thank you.

1 Like

Is there any update on this functionality and the roadmap??? As a customer waiting for this, it is hard to understand that this seems to have such a low priority on your roadmap. :zipper_mouth_face:

1 Like

It’s a bit unfortunate that such an important feature doesn’t get the attention needed. PATs are not the safest options and tied to personal accounts. A big security risk.

1 Like

Exactly. That’s why we are working hard to change all our connections from PAT’s to modern and safe ways of authentication like SPN’s and MI’s. And preparing for the big MFA changes.