Forum Discussion

Ramya_Gangula's avatar
Ramya_Gangula
Icon for Microsoft rankMicrosoft
Dec 15, 2023

Enable Read Only access to ADO Boards Functionality

Hello Everyone, One of my customers has over 100 projects in their organization, and they haven’t followed any standardization in terms of setting user permissions or branch policies at each project...
azure devops
Kidd_Ip's avatar
Kidd_Ip
MVP
Jun 16, 2025

Considering this:

 

  1. Use Security Groups for Permissions – Azure DevOps allows you to assign users to different security groups. The Readers group provides read-only access to Boards, while Contributors have write access. You can assign users to the Readers group for the specific projects where write access should be restricted.
  2. Modify Project-Level Permissions – Within Project Settings > Permissions, you can explicitly deny write access to Boards-related features while ensuring other functionalities remain untouched. This includes disabling permissions for work item edits, board modifications, and dashboard updates.
  3. Stakeholder Access Level – Applied if users only need to view work items but not modify them, Stakeholder access might be an option. However, this limits their ability to interact with other features.
  4. Custom Role-Based Access Control (RBAC) – If fine-grained control is needed, you can create custom security roles that allow read-only access to Boards while maintaining full access to repositories and pipelines.
  5. Reversibility – To easily revert permissions, document the changes made and use Azure DevOps Auditing to track modifications. This ensures that previous settings can be restored if needed.

 

Default permissions and access for Azure Boards - Azure Boards | Microsoft Learn

Resources