Help center

Azure Boards Access Scopes

There are required Azure Board access token scopes that must be selected for Version Control for data and work items integration. The required scopes are:

  • Advanced Security
    Detection and alerting on security vulnerabilities in code
  • Agent Pools
    Manage agent pools and agents
  • Analytics
    Read data from the analytics service
  • Auditing
    Read audit log events, manage and delete streams.
  • Build
    Artifacts, definitions, requests, queue a build, and update build properties
  • Code
    Source code, repositories, pull requests, and notifications
  • Connected server
    Access endpoints
  • Deployment Groups
    Manage deployment groups and deployment pools
  • Entitlements
  • Environment
    Read and manage environment
  • Extension Data
    Read and write
  • Extensions
    Read, install, uninstall, and write data
  • Graph
    Read, group, scope, and add
  • Identity
    Identities and groups
  • Marketplace
    Read, publish, update, and manage items and publishers
  • Member Entitlement Management
    Read and manage users
  • Notifications
    Read, write, manage, and publish
  • Packaging
    Create, read, update, and delete feeds and packages
  • Pipeline Resources
    Manage a pipeline run’s access to pipeline resources
  • Project and Team
    Create, read, update, and delete
  • Pull Request Threads
    Read & write to pull request comment threads
  • Release
    Read, update, and delete releases, release pipelines, and stages
  • Secure Files
    Read, create, and manage
  • Security
    Read, write, and manage
  • Service Connections
    Read, query, and manage
  • Symbols
    Read, write, and manage
  • Task Groups
    Read, create, and manage
  • Team Dashboard
    Read and manage
  • Test Management
    Read, create, and update test plans, cases, and results
  • Token Administration
    Read and revoke
  • Tokens
    Read, update, and revoke
  • User Profile
    Write to profile
  • Variable Groups
    Read, create and manage
  • Wiki
    Read, create, and update
  • Work Items
    Work items, queries, backlogs, plans, and metadata

    The detailed descriptions of all scopes can be found in the following link, in accordance with the access provided.
    https://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#scopes