Azure DevOps Add New User and Manage Access Control

Adding a new user to Azure DevOps is a straightforward process that can be completed in a few simple steps.

To start, navigate to the Azure DevOps portal and sign in with your account credentials.

Once you're logged in, click on the "Organization Settings" icon, which is represented by a gear symbol, to access the settings menu.

From there, select "Users" to view the list of existing users and access the "Add User" button.

You can also manage access control by assigning roles to users, such as Project Administrator or Contributor, to determine their level of access and permissions.

Azure DevOps offers a range of pre-defined roles that can be assigned to users, each with its own set of permissions and access levels.

Expand your knowledge: Azure Devops Roles

To add a new user to Azure DevOps, you'll first need to ensure you meet the prerequisites.

You must be a member of a project to proceed.

You'll also need to have the necessary permissions, which include being part of a group with the right level of access.

If your organization is connected to Microsoft Entra ID, you'll need to enable the Allow team and project administrators to invite new users policy for team administrators or members of the Project Administrators group.

To get started, you should familiarize yourself with Azure DevOps basics, such as permissions, access levels, and security groups.

You can do this by reading the articles Get started with permissions, access levels, and security groups, About projects and scaling your organization, Default permissions and access quick reference, and About teams and Azure Boards tools.

Additionally, you'll need to consider the roles of Project Collection Administrators and Active Directory Administrators in enabling the new user interface for managing teams.

To enable this interface, you'll need to use the Preview features tool and follow the instructions in the Manage or enable features article.

For your interest: Azure Active Directory New Name

Adding users to your Azure DevOps organization is a straightforward process that can be completed in a few steps. You can add up to 50 users in a single transaction.

To start, sign in to your organization and select Organization settings. From there, select Users > Add users. You'll need to enter the email addresses for personal Microsoft accounts and IDs for GitHub accounts, unless you plan to use Microsoft Entra ID to authenticate users and control organization access.

If a user doesn't have a Microsoft or GitHub account, ask them to sign up for a Microsoft account or a GitHub account. You can also add users from the Team Members widget, which is a convenient way to manage team members and their access levels.

To add a user from the Team Members widget, sign in to your project and select Dashboards and then choose your dashboard. Select Manage team members on the Team Members widget and enter the email addresses for new users. For existing users, enter their name until it resolves as a known name to the system.

You can also add users or groups to a team by selecting Boards > Boards > Show team profile > Team Settings. From there, select Add and enter the sign-in address or display name for each account you want to add. You can add up to 500 users, but the total count display will stop incrementing at 500.

A fresh viewpoint: Azure Dev Ops Boards

Here are the steps to add a user to a team:

Alternatively, you can add users or groups to a project by selecting Project settings > Permissions. From there, choose one of the security groups, such as the Contributors group, and select Add to add a user or a user group.

You can also add users or groups to a project by selecting Project settings > Security. From there, choose one of the security groups, such as the Contributors group, and select Add to add a user or a user group.

Here are the steps to add a user to a project:

To add a new user to Azure DevOps, you'll need to specify some configuration options. The email-id parameter is required, and you should enter the Microsoft account's email address for the user organization.

The license-type parameter is also required, and you should select from the options of stakeholder, express, professional, or advanced. This will determine the level of access the user has, with express or higher required for users who contribute to the code base.

You can use the following table to map the access level selected through the user interface to the AccountLicenseType parameter:

You can also specify whether to send an email invite to the new user by setting the send-email-invite parameter to true or false.

To configure the parameters for your Azure DevOps organization, you'll need to specify the email address of the Microsoft account. This is required, so make sure you have it handy.

The email-id parameter is where you enter the Microsoft account's email address for the user organization. It's a required field, so don't skip it.

You'll also need to choose a license type. This is where things get a bit more nuanced. Depending on the access level you've selected, you'll need to enter a specific type. For example, if you've chosen a stakeholder access level, you'll need to enter "stakeholder" as the license type.

Here's a quick reference table to help you map access levels to license types:

You can also choose whether to send an email invite to the new user. This is an optional parameter, so you can skip it if you don't need to send an email.

You can add new or existing users to teams or projects in various ways, depending on your administrator level and interface.

Team and project administrators can add existing users to their team or project, and existing users are those known to a project collection through Active Directory or Windows Group created for the server that hosts the on-premises Azure DevOps Server.

Team and project administrators can add new or existing users to a team, and send new users an invitation.

Add existing users or groups to a team: you can add new or existing users, send new users an invite, and optionally add users to one or more teams.

You can add existing users or groups to a security group, and by adding to a team group, you effectively add them to the team.

Organization settings > Users: you can add new users to an organization and send an invite, and must specify the access level.

Recommended read: Azure Devops Server

Here are the supported options for adding users:

You can add a user to your organization or a specific project in Azure DevOps. The process is similar, but there are some key differences.

To add a user to your organization, you can use the command line tool az devops user add, which grants stakeholder level access to the user and shows the result in table format.

You can also add a user to the project-level Contributors group, which is the default security group for people who contribute to your project. This group is automatically included as a member of the Contributors group.

Here are the steps to add a user to a project:

1. Sign in to your project (https://dev.azure.com/{Your_Organization/Your_Project}).

2. Select Project settings > Security.

3. Under Groups, choose one of the following options: Contributors group or any team group to add users to a specific team.

Worth a look: Azure Add Member to Group

4. Choose the Members tab and select Add to add a user or a user group.

5. Enter the name of the user account into the text box, separated by commas, and choose the match(es) that meets your requirements.

6. Choose Save changes when complete.

Note that the first time you add a user or group to Azure DevOps, you can't browse to it or check the friendly name. After the identity has been added, you can just enter the friendly name.

With Azure DevOps, you can tailor access to resources by setting the permission state to Deny. This allows you to restrict access to view or modify objects, such as build and release pipelines, dashboards, and more.

You can set permissions for members who belong to a custom security group or for individual users. For example, you can deny permissions to view or update select build and release pipelines, or to edit build pipeline, view build pipeline, edit release pipeline, and view release pipeline.

On a similar theme: Azure Devops Release Notes

To delegate tasks to specific roles, Azure DevOps comes with predefined roles, including Readers, Contributors, Team Administrators, Project Administrators, and Project Collection Administrators. Each role has its own set of permissions, such as Readers having read-only access to the project, and Project Collection Administrators having the highest level of permissions.

These roles facilitate the distribution of responsibilities and streamline the management of project areas. You can also create a custom security group and grant permissions as indicated in the following table:

In addition to assigning permissions to individuals, you can manage permissions for various objects within Azure DevOps, such as Git repositories, Git branches, TFVC repositories, build and release pipelines, and wikis.

For more insights, see: Azure Devops Repository Permissions