Required permissions for Azure DevOps personal access token

Personal Access Token

You need:

Username (not email address)
Personal Access Token - when generating PAT it is necessary to indicate the value “All accessible organizations” in the Organization field,

Permissions:

Build: Read & execute
Code: Read, write, & manage
Environment: Read & manage
Project and Team: Read, write, & manage
Variable Groups: Read & create
Wiki: Read & write
Work Items: Read & create

With minimal privileges, some metadata may not be included during the backup process. Choose the list of necessary permissions, depending on what data you need to protect. Remember that if you grant only read permissions, it will be possible to perform a backup, but to restore them, you will have to generate a new token/password with write permissions.

PreviousProtected Azure DevOps resources / elements / metadata NextAPI limitations

Last updated 23 days ago