Permissions lookup guide for Azure DevOps

Azure DevOps Services | Azure DevOps Server 2019 | TFS 2018 | TFS 2017 | TFS 2015 | TFS 2013

Use this index to locate the topic on how to manage a specific permission. Most permissions are managed for an object, project, or collection. Other permissions are managed by adding users and groups to a role. To learn more, see About permissions and groups and About security roles.

Values in parenthesis indicate what level the permission is managed:

  • Object: Permissions are managed at the object-level
  • Project: Permissions are managed at the project level
  • Collection: Permissions are managed at the organization or project collection level
  • Role: Permissions are managed through a security role.
  • Team: Permissions are managed via the team administrator role.

A

B

C

D

E

F-L

M-N

O-P

Q-R

S

T

U-V-W


  • Object: Permissions are managed at the object-level
  • Project: Permissions are managed at the project level
  • Collection: Permissions are managed at the account or project collection level
  • Role: Permissions are managed through a security role.
  • Server: Permissions are managed at the instance level for a server
  • Team: Permissions are managed via the team administrator role.

A

B

C

D

E

F-L

M-N

O-P

Q-R

S

T

U-V-W


  • Object: Permissions are managed at the object-level
  • Project: Permissions are managed at the project level
  • Collection: Permissions are managed at the account or project collection level
  • Role: Permissions are managed through a security role.
  • Server: Permissions are managed at the instance level for a server
  • Team: Permissions are managed via the team administrator role.

A

B

C

D

E

F-L

M-N

O-P

Q-R

S

T

U-V-W


Edit project-level information

The Edit project-level information permission is set through the Security admin page for a project. It includes the ability to perform the following tasks for all projects defined in the organization or collection:

  • Add and administer teams and all team-related features
  • Edit project-level permissions for users and groups in the project
  • Add or remove project-level security groups
  • Edit project level permission ACLs
  • Edit event subscriptions or alerts for teams or the project

Edit instance-level or collection-level information

The Edit instance-level information (formerly Edit collection level information) permission is set through the Security admin page for an organization or collection. It includes the ability to perform the following tasks for all team projects defined in the account or collection:

  • Add and administer teams and all team-related features
  • Edit collection-level permissions for users and groups in the collection
  • Add or remove collection-level security groups from the collection
  • Implicitly allows the user to modify version control permissions
  • Edit project level and collection level permission ACLs
  • Edit event subscriptions or alerts for teams, projects, or collection level events.