Skip to main content
availability

Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)

Azure DevOps Server Issues

Prerequisites

Before starting the integration, ensure that access to the relevant Azure DevOps organization is available and that the account being used has sufficient permissions to create Personal Access Tokens. These permissions are required to generate the token that is used by Invicti AppSec during the integration process.

info

If Azure DevOps Server is used as an ALM, the Issue Manager can be enabled with a single checkbox during the ALM integration. If the Issue Manager is used as a standalone integration, this guide can be followed.

Integration steps

  1. Sign in to the Azure DevOps.
  2. From the home page, open User settings and navigate to Personal access tokens.
azure access token.
  1. Select + New Token to start the token creation process.
azure new token.
  1. Define the token details:
    • Provide a descriptive name for the token
    • Select All accessible organizations. If the All accessible organizations option isn't selected, the token fails during the integration process. During integration, the system already prompts for the organization to be used. When a specific organization is selected while creating the token, the system attempts to validate access across all organizations, which results in an error and causes the integration to fail
    • Choose an appropriate expiration period for the token
    • Configure the token Scope as a Full Access
    • Complete the process by creating the token
  2. Copy and securely store the generated token. For security reasons, the token isn't displayed again after leaving or refreshing the page.
  3. After this step, the process can be continued from the Invicti AppSec UI using the generated token.
azure server test connection.

Under Advanced Settings, there are specific configuration options for Azure DevOps Services. When these toggles are enabled, the relevant permissions are granted not only to Administrators but also to Team Leads. This allows Team Leads to add their own organizations as new instances, onboard projects through these instances, and manage access to them independently.

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Last updated on
Was this page useful?