Just wondering why we see any other members not connected even to our company when we try to add members to our SonarCloud instance?
Hey there.
SonarCloud users exist independent of the organization they belong to, and can belong to multiple.
This is not really different than inviting users to an org on GitHub.
Alright, well, from the security perspective, if I want to know if a company uses SonarCloud, I can do some research on SonarCloud. It just does not calculate well on my side to be honest. I understand that this is as per design, but, let’s say we do onboard more users and more organizations, does it mean that anyone in the world will be able to search for our users and find them in the list?
I’ve pinged the right team to see if they can provide some perspective. Hold tight. 
1 Like
Thanks @Colin. In reality, it might be possible to add someone by mistake as well, that’s why it should be better to keep the members separate, or if we have conneted a specific Azure DevOps organization, then we could see users in that organization. I hope this comes with Enterprise features.