Platform Documentation
Platform Documentation
Breadcrumbs

Azure DevOps Discovery

Azure DevOps can also be discovered, adding valuable tasks to correlate organisational policies, pipeline failires, and code changes with other infrastructure in your environment.


Authentication Methods

The Azure DevOps indexer supports four authentication methods, tried in order of preference:

Personal Access Token (PAT) - Recommended for Development

Best for: Local development, testing, individual developer use

Kubernetes Secret (Recommended for Production PAT Usage) 

cloudConfig:
  azure:
    devops:
      organizationUrl: "https://dev.azure.com/your-organization"
      patSecretName: "azure-devops-pat"

Supported secret keys: personalAccessToken, pat, token, or access_token


Direct Configuration (Development Only) 

cloudConfig:
  azure:
    devops:
      organizationUrl: "https://dev.azure.com/your-organization"
      personalAccessToken: "your-personal-access-token"


Service Principal - Recommended for Production

Best for: Production environments, CI/CD pipelines, enterprise deployments

cloudConfig:
  azure:
    tenantId: "your-tenant-id"
    clientId: "your-client-id"
    clientSecret: "your-client-secret"
    devops:
      organizationUrl: "https://dev.azure.com/your-organization"


DefaultAzureCredential - Automatic Fallback

Best for: Azure-hosted environments, Azure CLI users

No additional configuration needed. Uses:

  • Azure CLI login (az login)

  • Managed Identity (when running in Azure)

  • Environment variables

Indexed Resources and Hierarchical Structure

The Azure DevOps indexer discovers and indexes resources with a clear hierarchical structure:

Resource Hierarchy

All resources follow the pattern: {organization}/{project}/{resource} (or {organization}/{project} for projects, or {organization} for organizations)

Examples:

  • Organization: your-organization

  • Project: your-organization/your-project

  • Repository: your-organization/your-project/your-repository

  • Pipeline: your-organization/your-project/your-pipeline

  • Release: your-organization/your-project/your-release

Organizations

  • Properties: name, url, organization

  • Qualified Name: {organization_name}

  • Relationships: Contains projects

  • Use Case: Organization-level health monitoring and governance

Projects

  • Properties: id, name, description, state, revision, url, visibility, organization

  • Qualified Name: {organization}/{project_name}

  • Relationships: Contains repositories, pipelines, and releases

Repositories

  • Properties: id, name, url, default_branch, size, remote_url, organization

  • Qualified Name: {organization}/{project_name}/{repository_name}

  • Relationships: Belongs to a project

Pipelines

  • Properties: id, name, url, revision, organization

  • Qualified Name: {organization}/{project_name}/{pipeline_name}

  • Relationships: Belongs to a project

Releases

  • Properties: id, name, url, revision, organization

  • Qualified Name: {organization}/{project_name}/{release_name}

  • Relationships: Belongs to a project