Manage extension permissions
Azure DevOps Services | Azure DevOps Server 2020 | Azure DevOps Server 2019 | TFS 2018
Learn how to grant permissions to users or groups for managing extensions. Extension management tasks include installing, disabling, enabling, reviewing, and approving extensions.
Learn how to grant permissions for publishing or updating extensions for users or groups.
Sign in to your organization (
https://dev.azure.com/{yourorganization}
).Select
Organization settings.
Select Extensions.
Select Security in the upper right of the Extension Security page:
Add users or update permission settings:
Sign in to your organization (
https://dev.azure.com/{yourorganization}
).Select
Admin settings.
Select Extensions, and then select Security.
Add users or update permission settings:
To grant permissions for publishing or updating to users or groups, use TFSSecurity command-line tool.
At the server level, create a group, for example, "TFS Extension Publishers":
tfssecurity /gcg "TFS Extension Publishers" "publishers who can manage extensions for the server" /server:ServerURL
Grant access to the "TFS Extension Publishers" group to manage extensions:
tfssecurity /a+ Publisher "//" CreatePublisher n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL tfssecurity /a+ Publisher "//" PublishExtension n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL tfssecurity /a+ Publisher "//" UpdateExtension n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL tfssecurity /a+ Publisher "//" DeleteExtension n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL
For Team Foundation Server "15" RC2 or earlier, use this syntax:
tfssecurity /a+ Publisher "//" Create n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL tfssecurity /a+ Publisher "//" Publish n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL tfssecurity /a+ Publisher "//" Write n:"[TEAM FOUNDATION]\TFS Extension Publishers" allow /server:ServerURL
Add existing users and groups to the "TFS Extension Publishers" group.
tfssecurity /g+ "[TEAM FOUNDATION]\TFS Extension Publishers" n:User /server:ServerURL
You can add users later to "TFS Extension Publishers". This permission is a server-level permission. Updating and deleting an extension affects all the project collections that use the extension.
Related articles
Feedback
Submit and view feedback for