category | severity | online version |
---|---|---|
Microsoft Azure DevOps Service Connections |
Important |
A Service connection should use Workload Identity Federation.
Workload Identity Federation allows you to use a service principal managed by Azure Active Directory to authenticate to Azure services instead of using a service principal managed by Azure DevOps. This is more secure as the service principal is not stored in Azure DevOps.
Mininum TokenType: ReadOnly
Consider using Workload Identity Federation for your service connections.