Introduction
In this article, I will explain how to manage users and permissions in Azure DevOps. Kindly make sure you read my previous article for better understanding. This is the fourth article of my Azure DevOps series. If you feel that it is difficult to manage users and permissions in Azure DevOps service, it's absolutely not. Azure DevOps provides readily available services that allow the organization to manage users and permissions.
Let's get started.
- How to add a user to a particular project in an organization.
- Assign permission to projects in an organization.
Adding a user to an organization
It's important to add users to an organization at the project level up to the number of users in the project. If you are managing a large number of users, then use on-premises active directory. But, if you are managing a small number of users, you can use Azure active directory.
If you are not aware of on-premise active directory and Azure active directory, stay tuned for my next article about active directories. Anyway, it's not important now in this process. You can continue with the basic knowledge of Azure DevOps. In this demo, I am using a separate Microsoft account.
Step 1
Open project, click project Settings --> Security. Once it is done, the names of default teams along with their security groups will be available. Most of the projects will use default security groups.
A user having an account with the "reader" permission can view the project. The "Reader" permission allows only to view the project, not to manage or access the project.
The user with "valid user" permission can access the project but is not allowed to manage the project.
User accounts with "project administrator" permission can perform all operations in the team project.
A user account with "contributors" permission can perform all operation as well as track the project. Mostly users are added to contributors.
A user account with "build administrator" permission can perform create, modify, and delete builds.
How to add a user to a group?
Click Contributor--> Members --> Add. Once the user is added, click "Save changes".
Now, log out from the organization's Microsoft account and log in using a user account.
A user account with "contributor" permission can access and contribute to the project but not allowed to create a new project. Just try creating a new project. Well, it's not possible.
Create own customized security groups
Delete a user account from the group. Go to security, search for the user account. It will show the user account in the "contributors" group. Click "Remove". Now, go to Security and click "Create group".
Once a customized group is created, you can set your own permissions depending on the project requirement.
In this demo, a group with "view project" permission is created. A new user is added to the group by following the above steps.
Sign out from the organization account and sign in using a user account.
User can only view the project and there is no option for creating a new project.
Summary
I hope this was interesting. It's very easy to manage users and permissions in Azure DevOps. Thanks for reading.