Forum Discussion
Configuring Azure DevOps for Work Item Permissions
How can I configure an Azure DevOps project to ensure that a user can view and modify only the specific tasks or issues that are assigned to them?
1 Reply
Anmol-Kwhile you can accomplish this to a degree it is a bit opposite the intent of Azure DevOps in that it is designed to facilitate team collaboration. Although you could use the preview feature for limiting visibility to a specific project at this time that would only apply to web portal access so a user could still use the CLI or REST to view items you've restricted.
As the above article states, "Azure DevOps is designed to allow all authorized users to view all defined objects within the system" however it also suggests a workaround of setting a blanket deny policy and then provisioning object access specifically for certain users. If you have a DevOps team of considerable size this approach could be impractical, and prone to errors through omission.
A more practical option might be to define an area path for the work items you want to be viewable to that user. It is always preferable to create roles with the scope you desire rather than assign permissions individually.
