Posts by this author

Mar 26, 2025
Post comments count0
Post likes count1

New Overlapping Secrets on Azure DevOps OAuth

As you may have read, Azure DevOps OAuth apps are due for deprecation in 2026. All developers are encouraged to migrate their applications to use Microsoft Entra ID OAuth, which can access all Azure DevOps APIs and has the added benefit of enhanced security features and long-term investment. Although we are nearing Azure DevOps OAuth’s end-of-life...

Azure & CloudDevOps
Feb 4, 2025
Post comments count2
Post likes count4

Full web support for conditional access policies across Azure DevOps and partner web properties

We’re happy to announce that we’ve made significant progress in updating our web authentication stack on Azure DevOps services and partner web properties to utilize Microsoft Entra tokens to handle web sessions. By replacing our previous cookies with Entra tokens, we’ve deepened the integration we have with Microsoft Entra ID on our web experience...

Azure & CloudDevOpsUX
Jan 6, 2025
Post comments count8
Post likes count4

Reducing personal access token (PAT) usage across Azure DevOps

In the new year, we’ll be making moves towards strengthening Microsoft and our customers' security posture in regards to the usage and creation of personal access tokens (PATs). If you’ve been following this blog, you may have noticed we’ve been distancing away from PATs as the recommended authentication method for Azure DevOps APIs by offering re...

Azure & CloudSecurity
Oct 28, 2024
Post comments count4
Post likes count2

No new Azure DevOps OAuth apps beginning April 2025

(Edit 03/26: Dates have been changed to April 2025.) Starting April 2025, we will no longer accept new registrations of Azure DevOps OAuth apps. This is the first step we’ll be taking towards our longer-term vision of sunsetting the Azure DevOps OAuth platform. Moving forward, we’ll be publicly advocating all developers that are building applicati...

Azure & CloudDevOps
Apr 3, 2024
Post comments count3
Post likes count1

End of Support for Microsoft products reliant on older Azure DevOps and Visual Studio authentication

Azure DevOps will no longer guarantee support for older authentication methods in use by out-of-support Visual Studio and Microsoft products. Known impacted clients include: This may not be a comprehensive list of impacted products, but affected products are expected to be out of support already per Microsoft’s product end of su...

Azure & Cloud
Feb 5, 2024
Post comments count1
Post likes count5

Regenerating secrets for Azure DevOps OAuth applications

You can now self-regenerate new client secrets as needed for apps made on top of the Azure DevOps' OAuth platform. A valid, active client secret is critical for getting a refresh token to continue using your app. Once the secret has expired, you will also no longer be able to get access and refresh tokens needed to access Azure Devops APIs through ...

Azure & Cloud
Jan 19, 2024
Post comments count0
Post likes count2

Final notice of alternate credentials deprecation

In November 2019, we announced that the alternate credentials feature will be formally deprecated in March 2020. Since then, a small number of users were grandfathered in with continued usage of existing alternate credentials, which have remained active until today. We will be discontinuing all usage of alternate credentials this month. Users have...

DevOpsSecurity
Sep 28, 2023
Post comments count0
Post likes count2

New Azure DevOps scopes now available for Microsoft Identity OAuth delegated flow apps

We have added new Azure DevOps scopes for delegated OAuth apps on the Microsoft Identity platform, also colloquially known as Azure Active Directory OAuth apps. These new scopes will enable app developers to announce specifically which permissions they are hoping to request from the user in order to perform app duties. They may look familiar as the...

Azure & CloudDevOpsSecurity
Sep 27, 2023
Post comments count7
Post likes count3

Managed identity and service principal support for Azure DevOps now in General Availability (GA)

After announcing the release of Managed Identity and Service Principal support in public preview last March, we were overcome by the positive response many of you had. We’re grateful to those who have taken the time to implement a managed identity within your apps and tools. With your help, we’ve collected valuable feature feedback and resolved som...

Azure & CloudDevOpsSecurity
Mar 30, 2023
Post comments count20
Post likes count19

Introducing Service Principal and Managed Identity support on Azure DevOps

We are proud to announce that Service Principals and Managed Identities can now be used to authenticate with Azure DevOps. For those who have not heard of them before, these Azure Active Directory identities enable teams to gain access to your Azure DevOps organizations acting as their own application, not as a human user or service account. Why...

DevOpsSecurity