The issue is that the license is a variable that needs to be checked by CodeScan when it runs and the user that created the token needs certain permissions for the plugin to access the license variable.
So this can be solved by allowing access to the variable or providing the license early. Here are the options:
Enable the Execute Analysis permission on the Global level to read the CodeScan license key configured on the organization level for each member/group that is using VS Code.
Add an environment variable called codescanLicense containing the license on the user's machine. The plugin checks for this before calling out.
OR for VS Code
in VSCode settings.json, add the following setting:
OR for IntelliJ
Under Settings > Tools > CodeScan > Project Settings, click the Analysis Properties tab. Add sf.license.secured with your license as the value.
If you do not have your license available, please contact firstname.lastname@example.org