Hi there,
Yup, sonar.login is enough when using tokens, no need to set sonar.password .
The issue you're referring to is probably unrelated to any of that then (assuming you did not do any typo when copy/pasting the token). For example something permissions -related, or else. Could you share the logs from the analysis, and clarify the actual value that is passed to sonar.projectKey ?
Best regards,
Nicolas