Showing results for Security - Azure DevOps Blog

Today, we officially closed the doors on any new Azure DevOps OAuth app registrations. As we prepare for the end-of-life for Azure DevOps OAuth apps in 2026, we'll begin outreach to engage existing app owners and support them through the migration process to use the Microsoft Identity platform instead for future app development with Azure DevOps. ...

Earlier this year, we announced an upgrade to our network infrastructure and the new IP addresses you need to allow list in your firewall - Update to Azure DevOps Allowed IP addresses - Azure DevOps Blog. This is our second blog post to inform you that starting from April 23rd, 2025, we will be requiring Server Name Indication (SNI) on all incomin...

We are excited to announce some important upgrades to our networking infrastructure that will enhance the performance and reliability of our service. As part of these infrastructure upgrades, we are introducing new IP addresses that you will need to allow list in your firewall configurations. What’s Changing And Why? We are transitioning from the...

In the new year, we’ll be making moves towards strengthening Microsoft and our customers' security posture in regards to the usage and creation of personal access tokens (PATs). If you’ve been following this blog, you may have noticed we’ve been distancing away from PATs as the recommended authentication method for Azure DevOps APIs by offering re...

In the world of software development, security is paramount. As developers, we strive to write clean, efficient, and most importantly, secure code. GitHub Advanced Security for Azure DevOps has always been at the forefront of providing tools that make it easier to build and release high-quality software. Today, we’re excited to announce a new featu...

In November 2019, we announced that the alternate credentials feature will be formally deprecated in March 2020. Since then, a small number of users were grandfathered in with continued usage of existing alternate credentials, which have remained active until today. We will be discontinuing all usage of alternate credentials this month. Users have...

We are excited to announce that we have published new content to the Azure DevOps Demo Generator and Azure DevOps Labs! The Azure DevOps Labs is a great tool to help you learn about the integrated features offered in Azure DevOps. Now you can use the Azure DevOps end-to-end concepts hands-on lab to learn how you can bring together your developme...

I am thrilled to announce that we have now published, for the first time, a Consensus Assessment Initiative Questionnaire (CAIQ) specific to Azure DevOps. The Consensus Assessment Initiative Questionnaire (CAIQ) is a tool developed by the Cloud Security Alliance (CSA). It serves as a standard set of questions aimed at helping potential cloud custom...

We have added new Azure DevOps scopes for delegated OAuth apps on the Microsoft Identity platform, also colloquially known as Azure Active Directory OAuth apps. These new scopes will enable app developers to announce specifically which permissions they are hoping to request from the user in order to perform app duties. They may look familiar as the...

After announcing the release of Managed Identity and Service Principal support in public preview last March, we were overcome by the positive response many of you had. We’re grateful to those who have taken the time to implement a managed identity within your apps and tools. With your help, we’ve collected valuable feature feedback and resolved som...