Change application access policies for your organization

Azure DevOps Services


Azure DevOps no longer supports Alternate Credentials authentication since the beginning of March 2, 2020. If you're still using Alternate Credentials, then they won't work anymore. You have to switch to a more secure authentication method, to mitigate this breaking change impacting your DevOps workflows. Learn more.

You can change your application access policies for your organization in Azure DevOps. Azure DevOps offers the capability for other apps to integrate with its services and resources in your organization. To access your organization without asking for user credentials multiple times, apps can use the following authentication methods:

By default, your organization allows access for all authentication methods. You can limit access, but you must specifically restrict access for each method. When you deny access to an authentication method, no app can use that method to access your organization. Any app that previously had access gets an authentication error and can't access your organization.

To remove access for personal access tokens, you must revoke them.

To continue, you need at least Basic access and organization Owner or Project Collection Administrator permissions. How do I find the organization Owner?

Change application access policies

  1. Sign in to your organization ({yourorganization}).

  2. Choose gear icon Organization settings.

    Choose the gear icon, Organization settings

  3. In the Policies tab, review your application connection settings. Change these settings, based on your security policies.

    Under Application Connections, change each setting as necessary, save your changes


    Anonymous access is used to access both private and public repos. Learn more at Make your project public.