How to create Personal Access Tokens (PATs) from Azure DevOps?

  • Home
  • Consulting
  • How to create Personal Access Tokens (PATs) from Azure DevOps?

To create a Personal Access Token (PAT) in Azure DevOps, follow these steps:

  1. Sign In to Azure DevOps:
    • Navigate to your organization at https://dev.azure.com/{yourorganization}.
    • Enter your credentials to access your Azure DevOps account.
  2. Access Personal Access Tokens:
    • Click on your profile picture or initials in the top-right corner of the Azure DevOps portal.
    • Select Personal access tokens from the dropdown menu.
  3. Create a New Token:
    • Click on the + New Token button.
    • Provide a Name for the token to identify its purpose.
    • Select the Organization where the token will be used.
    • Set the Expiration date for the token. Choose a duration that aligns with your security requirements.
  4. Define Scopes and Permissions:
    • Select the appropriate Scopes to specify the permissions for the token.
      • For example, to manage code repositories, select Code and choose the desired access level (e.g., Read, Write, Manage).
    • Ensure you grant only the necessary permissions to adhere to the principle of least privilege.
  5. Create and Copy the Token:
    • After configuring the token, click on the Create button.
    • Once the token is generated, copy it immediately and store it securely.
      • Note: This is the only time the token will be displayed. If you lose it, you’ll need to create a new one.
  6. Use the PAT for Authentication:
    • When accessing Azure DevOps services programmatically or via tools, use the PAT as the password.
    • For Git operations, you can use the PAT in place of your password when prompted.

Security Best Practices:

  • Limit Scope: Assign the minimal necessary permissions to the PAT.
  • Set Appropriate Expiration: Choose an expiration period that balances convenience and security.
  • Secure Storage: Store the PAT in a secure location, such as a password manager.
  • Regular Rotation: Periodically regenerate and update your PATs to enhance security.
  • Revoke When Not Needed: If a PAT is no longer required, revoke it to prevent unauthorized access.
Previous Post
Newer Post
Cart

No products in the cart.

X