My developers are making use of the IntelliJ SonarLint plugin to connect to our SonarQube server and perform local analysis
To connect to the server they need to provide a token, so I want to create a single token which can be shared across all developers. I want this token to have minimal privileges i.e. to only allow the download of rules to allow local analysis to work.
If I generate a token as a SonarQube administrator, does this mean that the token has more privileges than a token generated by a non-admin user? The SonarQube documentation implies any token has the ability to execute the full list of SonarQube Web Services.
A token you create has all your privileges. Neither is it possible to gain privileges by using a token instead of username/password, nor to restrict a tokens' privileges. In SonarQube tokens and username/password are much alike - both tell the server who you are and what you are allowed to do.
A solution in your case might be: