Change your organization connection to another Azure AD

Azure DevOps Services

If you need to switch your organization connection from one Azure Active Directory (Azure AD) to another, complete the following steps.

For more information about using Azure AD with Azure DevOps, see the Conceptual overview.

Prerequisites

Before you switch your organization directory, make sure the following statements are true:

  • You're in the Project Collection Administrator group (in Organization settings) for the organization
  • You're a member or a guest in the source Azure AD and in the destination Azure AD

Change the Azure AD connection

  1. Sign in to your organization (https://dev.azure.com/{yourorganization}).

  2. Select gear icon Organization settings.

    Open Organization settings

  3. Select Azure Active Directory, and then Switch directory.

    Select Switch directory

  4. Select a directory from the dropdown menu, and then select Connect.

    Select your Azure AD, and then Connect If you can't find your directory, contact your Azure AD administrator and request that they add you as a member to the Azure AD.

  5. Select Sign out.

    Connect success dialog - select Sign out

    Your organization is now connected to your Azure AD.

  6. Confirm that the process is complete. Sign out, and then open your browser in a private session and sign in to your organization with your Azure AD or work credentials.

  7. If some members are disconnected, sign back in to Azure DevOps and map them to their Azure AD identities. Or, you can invite them as guests into the Azure AD. For more information, see the FAQs.

    Select Resolve to invite unmapped users

    Mapping disconnected users

Inform users of the completed change

When you inform your users of the completed change, include the following tasks for each user in the organization to complete:

  • Clear the cache for the Git Credential Manager if you use Visual Studio or the Git command-line tool. Delete the %LocalAppData%\GitCredentialManager\tenant.cache file on each client machine.

  • Regenerate new personal access tokens. Complete the following steps:

    a. In Azure DevOps, open your profile, and then select Security from the resulting dropdown menu.

    Select from your profile dropdown menu, Security

    b. Select Personal access tokens, and then select New Token.

    Select New Token to create

    c. Complete the form, and then select Create.

    Create new token

    d. When the token is created, copy it, as it can't be viewed again.

  • Request that SSH keys be manually cleared by Support, and then recreate SSH keys. Complete the following steps.

    a. In Azure DevOps, open your profile, and then select Security from the resulting dropdown menu.

    Select from your profile dropdown menu, Security

    b. Select SSH public keys, and then select Add.

    Screenshot that shows adding a SSH public key.

    c. Enter a description and key data, and then select Save.

    Add info to create SSH key

    d. When the token is created, copy it, as it can't be viewed again.

  • Rename your Microsoft account to a different email that doesn't conflict with your Azure AD identity. Doing so ensures that you won't be prompted to choose between accounts.

  • Adjust your Visual Studio subscription if the UPN used inside your Azure DevOps Services organization has changed. You can have it reassigned to your new UPN, or set that UPN as the alternate account inside the subscription. For more information, see how to add an alternate account to your subscription.