title | titleSuffix | ms.custom | description | ms.subservice | ms.assetid | ms.topic | ms.author | author | ms.date | monikerRange |
---|---|---|---|---|---|---|---|---|---|---|
Access your organization with Microsoft Entra ID |
Azure DevOps Services |
engagement-fy23 |
About user authentication and controlling conditional access to your organization with your Microsoft Entra tenant. |
azure-devops-organizations |
c9aecaaf-9dfb-4877-84b4-60da253e3dc2 |
conceptual |
chcomley |
chcomley |
10/05/2022 |
azure-devops |
[!INCLUDE version-eq-azure-devops]
[!INCLUDE alt-creds-deprecation-notice]
Learn about controlling access to your organization via Microsoft Entra ID. If your organization was created with a Microsoft account, connect your organization to your Microsoft Entra ID. Sign in to Azure DevOps with the same username and password that you use with your Microsoft services. Enforce policies for accessing your team's critical resources and key assets.
Note
To use existing on-premises identities with Azure DevOps, you can integrate directories with Microsoft Entra ID by using Microsoft Entra Connect. To switch your organization to another directory, learn how to change your directory in Microsoft Entra ID.
Your organization authenticates users through its directory. Only users who are members or guests in that directory get access to your organization. Disabled or removed users from your directory have no access to your organization by any mechanism. For example, mechanisms such as personal access tokens (PATs) or SSH. Only specific Microsoft Entra administrators manage users in your directory, so they control who gets access to your organization.
Without Microsoft Entra ID, you're solely responsible for controlling organization access. All users must sign in with Microsoft accounts.
For more information, see Frequently asked questions about Azure access