The token doesn't have the required permissions (Code: Read & Write)

Attempting to import our Azure DevOps organisation to SonarCloud, i click the + > Analyse New Project > Import another organisation.

I’ve entered the AzureDevOps organisation name ‘glasswall’
I’ve created my PAT and entered the token, but upon doing so i get 'The token doesn’t have the required permissions (Code: Read & Write).

After checking my PAT, i can confirm it has those permissions, but it still isn’t being accepted. So right now, i’m unable to import our Azure DevOps projects.

Any advice on how to solve this problem please?

After some further digging, it appears that if ‘Enable Azure Active Directory Conditional Access Policy Validation;’ is on, it causes an issue with authenticating with SonarCloud - is there a work around for this?

Hi @ChrisHolman and welcome to the community !

I’m afraid there are no workaround possible currently for this.


Thanks for the reply Mickaël!

So if this option is switched on, we’re unable to use SonarCloud?

This is true, yes.

What are the IP addresses associated to SonarCloud? We can add them to the CAP so the communication can succeed.

Hi @ChrisHolman

We don’t have fixed IPs, you’ll have to rely on the domain itself.


Thanks! I assume whitelisting will be sufficient?

It should be, but as far as i remember this is not possible to do it like that with the CAP ?

We whitelisted the IP associated with ( but still get the 'The token doesn’t have the required permissions (Code:Read & Write).