diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml
index d4d12d3..8230e45 100644
--- a/.github/workflows/sonarcloud-analysis.yml
+++ b/.github/workflows/sonarcloud-analysis.yml
@@ -63,7 +63,7 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         shell: powershell
         run: |
-          .\.sonar\scanner\dotnet-sonarscanner begin /k:"web-eid_web-eid-authtoken-validation-dotnet" /o:"web-eid" /d:sonar.cs.opencover.reportsPaths="**/TestResults/**/coverage.opencover.xml" -d:sonar.cs.vstest.reportsPaths="**/TestResults/*.trx" /d:sonar.verbose=true /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
+          .\.sonar\scanner\dotnet-sonarscanner begin /k:"web-eid_web-eid-authtoken-validation-dotnet" /o:"web-eid" /d:sonar.cs.opencover.reportsPaths="**/TestResults/**/coverage.opencover.xml" /d:sonar.cs.vstest.reportsPaths="**/TestResults/*.trx" /d:sonar.verbose=true /d:sonar.token="$env:SONAR_TOKEN" /d:sonar.host.url="https://sonarcloud.io"
           dotnet build --configuration Release --no-restore src/WebEid.Security.sln
           dotnet test src/WebEid.Security.sln --logger trx --collect:"XPlat Code Coverage" -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=opencover --results-directory "TestResults"
-          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
+          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.token="$env:SONAR_TOKEN"
diff --git a/src/WebEid.Security/Validator/AuthTokenValidator.cs b/src/WebEid.Security/Validator/AuthTokenValidator.cs
index ca7aa80..6216ea4 100644
--- a/src/WebEid.Security/Validator/AuthTokenValidator.cs
+++ b/src/WebEid.Security/Validator/AuthTokenValidator.cs
@@ -99,7 +99,7 @@ public WebEidAuthToken Parse(string authToken)
             catch (Exception ex)
             {
                 // Generally "log and rethrow" is an anti-pattern, but it fits with the surrounding logging style.
-                this.logger?.LogWarning("Token parsing was interrupted:", ex);
+                this.logger?.LogWarning(ex, "Token parsing was interrupted:");
                 throw;
             }
         }
@@ -121,7 +121,7 @@ public Task<X509Certificate2> Validate(WebEidAuthToken authToken, string current
             catch (Exception ex)
             {
                 // Generally "log and rethrow" is an anti-pattern, but it fits with the surrounding logging style.
-                this.logger?.LogWarning("Token validation was interrupted:", ex);
+                this.logger?.LogWarning(ex, "Token validation was interrupted:");
                 throw;
             }
         }