Default roles & access for public projects
Azure DevOps Services - Public Projects
Public projects enable anyone to view its contents. Access is limited when the user is not signed in. These users are also referred to as anonymous users or public users. In addition, there are users, ones who are signed in to Azure DevOps, but aren't a member of a project. Both of these types of users are granted limited, read-only access as indicated in the following table.
To contribute to a public project, you must be added as a member of that project and assigned either Stakeholder, Basic, or Basic + Test Plans access. The access level determines the user interfaces you can access. The security group you're assigned to determines the features you can exercise. For details, see About access levels.
You add project members in the same way you do for private projects. Be sure you understand what it means to invite an external user to have access to your project. If you created the project, you're automatically assigned to the Project Administrators group.
|Hub or Settings||Non-member access||Stakeholder access||Basic access||Readers||Contributors||Project Admins|
|Dashboards||Read access1||Partial access||Full access||Read access||Read-Write||Read-Write-Administer|
|Wiki||Read access||Full access||Full access||Read access||Read-Write||Read-Write-Administer|
|Boards (Work)||Read access||Partial access3||Full access||Read access||Read-Write||Read-Write-Administer|
|Repos (Code)||Read access||Full access2||Full access||Read access||Read-Write||Read-Write-Administer|
|Pipelines (Build and Release)||Read access||Full access||Full access||Read access||Read-Write||Read-Write-Administer|
|Test Plans||No access||No access||Partial access4||Read access||Read-Write||Read-Write-Administer|
|Notifications||No access||Full access||Full access||Read access||Read-Write||Read-Write-Administer|
|Semantic search||Full access||Full access||Full access||Full access||Full access||Full access|
|Settings||No access||Full access||Full access||Read access||Read access||Read-Write-Administer|
- Several widgets aren't available to non-members.
- Stakeholders have full access to Repos or Code features in public projects, but they have no access in private projects.
- Stakeholders have full access to Boards or Work in public projects, but they have partial access in private projects. For more information, see About access levels, Stakeholder access.
- Basic + Test Plans users can view and run tests from Test Plans or Test. Basic users need to upgrade their access level to Basic + Test Plans to get full access, which includes capability to create test plans and add test cases.
Pipelines/Build and Release
From the web portal, you can set permissions for all or individual build pipelines, release pipelines, task groups, or variable groups. See Set build and release permissions.
When the Free access to Pipelines for Stakeholders preview feature is enabled for the organization, Stakeholders get access to all Build and Release features. This is indicated by the preview icon shown in the following table. Without this feature enabled, Stakeholders can only view and approve releases. To learn more, see Provide Stakeholders access to edit build and release pipelines.
|Project Admins||Release Admins|
|View release pipelines|
|Define builds with continuous integration|
|Define releases and manage deployments|
|Azure Artifacts (5 users free)|
|Queue builds, edit build quality|
|Manage build queues and build qualities|
|Manage build retention policies, delete and destroy builds|
|Administer build permissions|
|Manage release permissions|
|Create and edit task groups|
|Manage task group permissions|
|Can view library items such as variable groups|
|Use and manage library items such as variable groups|