Angel Wong

Azure DevOps OAuth Client Secrets Now Shown Only Once

We’re making an important change to how Azure DevOps displays OAuth client secrets to align with industry best practices and improve our overall security posture. Starting September, newly generated client secrets will be shown only once at the time of creation. After that, they will no longer be retrievable via the UI or API. This […]
The post Azure DevOps OAuth Client Secrets Now Shown Only Once appeared first on Azure DevOps Blog.
Read More
Feed
13 Aug 2025

Real-Time Security with Continuous Access Evaluation (CAE) comes to Azure DevOps

We’re thrilled to announce that Continuous Access Evaluation (CAE) is now supported on Azure DevOps, bringing a new level of near real-time security enforcement to your development workflows. 🔐 What Is CAE? Continuous Access Evaluation (CAE) is a feature from Microsoft Entra ID that enables near real-time enforcement of Conditional Access policies. Traditionally, Microsoft Entra […]
The post Real-Time Security with Continuous Access Evaluation (CAE) comes to Azure DevOps appeared first on Azure DevOps Blog.
Read More
Feed
12 Aug 2025

Removing Azure Resource Manager reliance on Azure DevOps sign-ins

Azure DevOps will no longer depend on the Azure Resource Manager (ARM) resource (https://management.azure.com) when you sign in or refresh Microsoft Entra access tokens. Previously, Azure DevOps required the ARM audience during sign-in and token refresh flows. This requirement meant administrators had to allow all Azure DevOps users to bypass ARM-based Conditional Access policies to […]
The post Removing Azure Resource Manager reliance on Azure DevOps sign-ins appeared first on Azure DevOps Blog.
Read More
Feed
26 Jun 2025

Restricting PAT Creation in Azure DevOps Is Now in Preview

As organizations continue to strengthen their security posture, restricting usage of personal access tokens (PATs) has become a critical area of focus. With the latest public preview of the Restrict personal access token creation policy in Azure DevOps, Project Collection Administrators (PCAs) now have another powerful tool to reduce unnecessary PAT usage and enforce tighter […]
The post Restricting PAT Creation in Azure DevOps Is Now in Preview appeared first on Azure DevOps Blog.
Read More
Feed
6 Jun 2025

No new Azure DevOps OAuth apps beginning February 2025

Starting February 3, 2025, we will no longer accept new registrations of Azure DevOps OAuth apps. This is the first step we’ll be taking towards our longer-term vision of sunsetting the Azure DevOps OAuth platform. Moving forward, we’ll be publicly advocating all developers that are building applications on top of Azure DevOps REST APIs to […]
The post No new Azure DevOps OAuth apps beginning February 2025 appeared first on Azure DevOps Blog.
Read More
Feed
29 Oct 2024

End of Support for Microsoft products reliant on older Azure DevOps authentication

Azure DevOps will no longer guarantee support for older authentication methods in use by out-of-support Visual Studio and Microsoft products. Known impacted clients include:
Visual Studio 2010 (end of support: July 14, 2020)

Visual Studio 2012 (end of support: January 10,
The post End of Support for Microsoft products reliant on older Azure DevOps authentication appeared first on Azure DevOps Blog.
Read More
Programming
4 Apr 2024

Regenerating secrets for Azure DevOps OAuth applications

You can now self-regenerate new client secrets as needed for apps made on top of the Azure DevOps’ OAuth platform. A valid, active client secret is critical for getting a refresh token to continue using your app. Once the secret has expired,
The post Regenerating secrets for Azure DevOps OAuth applications appeared first on Azure DevOps Blog.
Read More
Programming
6 Feb 2024

Final notice of alternate credentials deprecation

In November 2019, we announced that the alternate credentials feature will be formally deprecated in March 2020. Since then, a small number of users were grandfathered in with continued usage of existing alternate credentials, which have remained active until today.

We will be discontinuing all usage of alternate credentials this month.
The post Final notice of alternate credentials deprecation appeared first on Azure DevOps Blog.
Read More
Programming
20 Jan 2024

New Azure DevOps scopes now available for Microsoft Identity OAuth delegated flow apps

We have added new Azure DevOps scopes for delegated OAuth apps on the Microsoft Identity platform, also colloquially known as Azure Active Directory OAuth apps. These new scopes will enable app developers to announce specifically which permissions they are hoping to request from the user in order to perform app duties.
The post New Azure DevOps scopes now available for Microsoft Identity OAuth delegated flow apps appeared first on Azure DevOps Blog.
Read More
Programming
28 Sep 2023

Managed identity and service principal support for Azure DevOps now in General Availability (GA)

After announcing the release of Managed Identity and Service Principal support in public preview last March, we were overcome by the positive response many of you had. We’re grateful to those who have taken the time to implement a managed identity within your apps and tools.
The post Managed identity and service principal support for Azure DevOps now in General Availability (GA) appeared first on Azure DevOps Blog.
Read More
Programming
27 Sep 2023