{"id":45265,"date":"2018-07-05T19:15:59","date_gmt":"2018-07-05T19:15:59","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/devops\/?p=45265"},"modified":"2019-02-14T15:48:52","modified_gmt":"2019-02-14T23:48:52","slug":"if-i-am-a-vsts-stakeholder-can-i-also-be-an-admin","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/if-i-am-a-vsts-stakeholder-can-i-also-be-an-admin\/","title":{"rendered":"If I am a VSTS Stakeholder, can I also be an Admin?"},"content":{"rendered":"<p>Today, we\u2019re excited to announce that users with the Stakeholder access level can now be administrators in <a href=\"http:\/\/aka.ms\/vsts\">Visual Studio Team Services<\/a> (VSTS). With these upcoming changes, Stakeholders can administer access levels, permissions, and settings \u2013 if they have been granted permissions to do so. Previously, they were only able to invite users and assign them an access level, and could never act as full administrators without also being granted a Basic access level.<\/p>\n<h2>Why change?<\/h2>\n<p>When we <a href=\"https:\/\/devblogs.microsoft.com\/bharry\/upcoming-vs-online-licensing-changes\/\">first introduced Stakeholder in 2014<\/a>, the goal was to allow people who just wanted to track progress or file an occasional bug to do so without having to pay for a Basic access level. Since then, we\u2019ve seen it widely adopted to allow project stakeholders to collaborate with their teams easily, and for free.<\/p>\n<p>Despite this success, we\u2019ve heard feedback that some customers want to allow Stakeholders to be admins in their account \u2013 they have users who just need to manage security and permissions and don\u2019t want to pay for them to do so. We think this makes a lot of sense and will make it even easier for teams to collaborate with VSTS.<\/p>\n<h2>What are the specific changes?<\/h2>\n<p>The additional actions that users with the Stakeholder access level will be entitled to are:<\/p>\n<ul>\n<li>Create new projects and teams<\/li>\n<li>Edit account, project, and team information<\/li>\n<li>Add users to projects and teams<\/li>\n<li>Manage the permissions of users and groups on the Security pages<\/li>\n<li>Manage settings on all the Settings pages (i.e. Work, Notifications, Services, Release Retention etc.).<\/li>\n<li>Add, update, delete, and manage Dashboards<\/li>\n<\/ul>\n<p>These changes will go into effect in July, with the exact date determined by our deployment schedule. We\u2019ll update this post and our docs when the changes are in production.<\/p>\n<h2>Will this affect me?<\/h2>\n<p>If you have any users with the Stakeholder license in an admin Security Group, they will get more access then they do today. The default admin Security Groups are Project Collection Administrators, Project Collection Build Administrators, Project Administrators, Build Administrators, Endpoint Administrators, Release Administrators, and Team Administrators. If you have custom Security Groups that grant admin permissions, Stakeholders in those will also be affected.<\/p>\n<p>To prevent these changes, you can take your Stakeholders out of these groups, or set up custom groups as needed.<\/p>\n<p>If your users with the Stakeholder access level are not in any admin Security Groups, these changes will not affect you. This is because in VSTS, a user can only take an action if their access level grants the action and their permissions Allow the action. The changes we are making change what the access level grants. They do not change what permissions your users have. As an example, let\u2019s look at the \u2018Create new project\u2019 action:<\/p>\n<p style=\"padding-left: 30px\">Grace has a Stakeholder access level and is in the Contributors security group. Because neither the Stakeholder license nor the Contributors security group grant \u2018Create new project\u2019, she can\u2019t take that action. With these changes, the Stakeholder license will grant the action, but the Contributors security group still will not. So Grace still will not be able to create a new project.<\/p>\n<p>You can <a href=\"https:\/\/docs.microsoft.com\/en-us\/vsts\/organizations\/security\/about-permissions?view=vsts\">learn more about how permissions and groups work<\/a>, or view our <a href=\"https:\/\/docs.microsoft.com\/en-us\/vsts\/organizations\/security\/about-security-identity?view=vsts#security-groups-and-permissions\">default security groups<\/a>.<\/p>\n<p>Thank you!\nWe\u2019re excited for these changes and hope they\u2019ll help make VSTS an even easier product for teams of all sizes to use.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today, we\u2019re excited to announce that users with the Stakeholder access level can now be administrators in Visual Studio Team Services (VSTS). With these upcoming changes, Stakeholders can administer access levels, permissions, and settings \u2013 if they have been granted permissions to do so. Previously, they were only able to invite users and assign them [&hellip;]<\/p>\n","protected":false},"author":256,"featured_media":45953,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[228,1,251],"tags":[],"class_list":["post-45265","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-admin-licensing","category-devops","category-security"],"acf":[],"blog_post_summary":"<p>Today, we\u2019re excited to announce that users with the Stakeholder access level can now be administrators in Visual Studio Team Services (VSTS). With these upcoming changes, Stakeholders can administer access levels, permissions, and settings \u2013 if they have been granted permissions to do so. Previously, they were only able to invite users and assign them [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/45265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/users\/256"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/comments?post=45265"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/posts\/45265\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media\/45953"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/media?parent=45265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/categories?post=45265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/devops\/wp-json\/wp\/v2\/tags?post=45265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}