Azure DevOps Blog
DevOps, Git, and Agile updates from the team building Azure DevOps
Latest posts
Removing Azure Resource Manager reliance on Azure DevOps sign-ins
Azure DevOps will no longer depend on the Azure Resource Manager (ARM) resource (https://management.azure.com) when you sign in or refresh Microsoft Entra access tokens. Previously, Azure DevOps required the ARM audience during sign-in and token refresh flows. This requirement meant administrators had to allow all Azure DevOps users to bypass ARM-based Conditional Access policies to maintain access to ADO. Tokens for Azure DevOps no longer require the ARM audience. As a result, you can manage Azure DevOps access more effectively by creating Azure DevOps-specific Conditional Access policy instead of relying on th...
Azure DevOps MCP Server, Public Preview
A few weeks ago at BUILD, we announced the upcoming Azure DevOps MCP Server: 👉 Azure DevOps with GitHub Repositories – Your path to Agentic AI Today, we’re excited to share that the local Azure DevOps MCP Server is now available in public preview. This lets GitHub Copilot in Visual Studio and Visual Studio Code access and interact with your Azure DevOps environment, including work items, pull requests, test plans, builds, releases, and wiki pages. 🤷♂️ What is an MCP Server? A local MCP Server (Model Context Provider) is a tool that sits between your AI assistant (like GitHub Copilot) and your Azure DevOps or...
June Patches for Azure DevOps Server
Today we are releasing patches that impact the latest version of our self-hosted product, Azure DevOps Server. We strongly encourage and recommend that all customers use the latest, most secure release of Azure DevOps Server. You can download the latest version of the product, Azure DevOps Server 2022.2 from the Azure DevOps Server download page. Note: Azure DevOps Server 2022.2 is the latest version of Azure DevOps Server. If you have installed Azure DevOps Server 2022 or Azure DevOps Server 2022.1, you should first upgrade to Azure DevOps Server 2022.2 and then install Azure DevOps Server 2022.2 Patch 6. ...
Restricting PAT Creation in Azure DevOps Is Now in Preview
As organizations continue to strengthen their security posture, restricting usage of personal access tokens (PATs) has become a critical area of focus. With the latest public preview of the Restrict personal access token creation policy in Azure DevOps, Project Collection Administrators (PCAs) now have another powerful tool to reduce unnecessary PAT usage and enforce tighter controls across their organizations. 🗣️ This has been one of our most requested features -- we're excited to finally deliver it. Why This Matters PATs are a convenient way for users to authenticate with Azure DevOps, but they also pose...
GitHub Secret Protection and GitHub Code Security for Azure DevOps
Following the changes to GitHub Advanced Security on GitHub, we're launching the standalone security products of GitHub Secret Protection and GitHub Code Security for Azure DevOps today. You can bring the protection of Advanced Security to your enterprise with the flexibility to enable the right level of protection for your repositories. GitHub Secret Protection for Azure DevOps Secret Protection is available for $19 per active committer per month, which provides features including: GitHub Code Security for Azure DevOps Code Security is available for $30 per active committer per month, which provides f...
Azure DevOps with GitHub Repositories – Your path to Agentic AI
GitHub Copilot has evolved beyond a coding assistant in the IDE into an agentic teammate – providing actionable feedback on pull requests, fixing bugs and implementing new features, creating pull requests and responding to feedback, and much more. These new capabilities will transform every aspect of the software development lifecycle, as we are already seeing on our own teams within Microsoft and GitHub. Copilot’s agentic capabilities are most powerful when your code lives in GitHub, and that’s why we’ve been working hard to make the experience of using GitHub, Copilot, and Azure DevOps seamless. Now is the tim...
One Pipeline to Rule Them All: Ensuring CodeQL Scanning Results and Dependency Scanning Results Go to the Intended Repository
"One Ring to rule them all, One Ring to find them, One Ring to bring them all, and in the darkness bind them." – J.R.R. Tolkien, The Lord of the Rings In the world of code scanning and dependency scanning, your pipeline is the One Ring—a single definition that can orchestrate scans across multiple repositories. However, much like the One Ring, if misused, it can lead to chaos: publishing results to the unintended repository. Fear not, brave developer! This guide will show you how to wield your pipeline wisely so that CodeQL scanning results and Dependency Scanning results are always published to the inten...
Introducing Azure DevOps ID Token Refresh and Terraform Task Version 5
We are excited to share some recent updates that improve the experience of using Workload identity federation (OpenID Connect) with Azure DevOps and Terraform on Microsoft Azure. Many working parts have come together to make this possible and we'll share those here. We are also very pleased to announce version 5 of the Microsoft DevLabs Terraform Task, which supports ID Token refresh by default. What is ID Token Refresh? Workload identity federation requires an ID Token issued from the identity provider, in our case Azure DevOps. This ID Token has a short lifespan of ~5 minutes by design. It is immediately ex...
Spring Cleaning: A CTA for Azure DevOps OAuth Apps with expired or long-living secrets
Today, we officially closed the doors on any new Azure DevOps OAuth app registrations. As we prepare for the end-of-life for Azure DevOps OAuth apps in 2026, we'll begin outreach to engage existing app owners and support them through the migration process to use the Microsoft Identity platform instead for future app development with Azure DevOps. This platform, used across Microsoft teams, can access the same Azure DevOps REST APIs, with the added benefit of ongoing regular investment and additional security controls available to company admins. We've collected a list of helpful resources from Microsoft Entra do...