# Troubleshooting Azure DevOps permission errors

#### When performing backup or restore operations with Azure DevOps, you may occasionally encounter access related errors. While some messages are generic, Azure DevOps often provides specific error codes and descriptions that point directly to the missing permission.

***

## Understanding permission errors

If a task fails due to insufficient privileges, **Xopero ONE** will display the error returned by the **Azure DevOps** API in the task summary. These messages usually follow a structured format containing a message and a **typeName**.

<table><thead><tr><th width="155">Error code</th><th width="286">Message example</th><th>Resolution</th></tr></thead><tbody><tr><td>TF401027</td><td>"You need the Git 'CreateRepository' permission to perform this action."</td><td>The account lacks the <strong>Create repository</strong> permission at the repositories level.</td></tr><tr><td>VS402356</td><td>"You do not have the permissions required to perform the attempted operation on this process."</td><td>The account lacks the <strong>Create process</strong> or <strong>Edit process</strong> permission at the organization level.</td></tr><tr><td>TF50309</td><td>"The following permissions are needed to perform this operation: Create new projects."</td><td>The account lacks the <strong>Create new projects</strong> permission at the organization level.</td></tr><tr><td>VS800075</td><td>"The project with id 'proj' does not exist, or you do not have permission to access it."</td><td>Generic error, this occurs when the account has no access to the project at all. Verify the user access level and project-level memberships.</td></tr></tbody></table>

***

## Resolving permission errors

If you encounter one of the specific errors listed above, follow these steps to adjust your configuration:

{% stepper %}
{% step %}
Look at the error message to see if the scope is project, organization, or repository.
{% endstep %}

{% step %}
Ensure the identity mentioned in the error (e.g., <kbd>identity '...\\\\<user@example.com>'</kbd>) matches the account used for the **Xopero ONE** integration.
{% endstep %}

{% step %}
Adjust settings in **Azure DevOps**.

1. Navigate to **Project Settings** or **Organization Settings** in **Azure DevOps**.
2. Go to the **Permissions** or **Security** tab.
3. Find the user or the group the user belongs to and set the missing permission (e.g., **Create new projects**) to **Allow**.
   {% endstep %}

{% step %}
Once the permissions are updated, go back to **Xopero ONE** and restart the failed task.
{% endstep %}
{% endstepper %}

{% hint style="info" %}
Just like with **GitHub** integrations, **Xopero ONE** dynamically processes error messages to help you identify exactly which permission needs to be added to your **Azure DevOps** account. Always check the task summary for a detailed list of required permissions.
{% endhint %}