DevOps organisations and AAD integration

%3CLINGO-SUB%20id%3D%22lingo-sub-1055477%22%20slang%3D%22en-US%22%3EDevOps%20organisations%20and%20AAD%20integration%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1055477%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EI%20got%20redirected%20to%20here%20for%20a%20feature%20request%20or%20more%20information%20about%20the%20topic.%20Azure%20DevOps%20allows%20to%20extract%20a%20report%20with%20organisations%20where%20the%20AAD%20integration%20is%20active%20for%20authentication.%20Unfortunately%20it%20does%20not%20allow%20any%20central%20management%20for%20example%20when%20an%20employee%20who%20created%20a%20DevOps%20organisation%20left.%20The%20only%20option%20right%20now%20is%20to%20re-create%20the%20account%2C%20assume%20the%20identity%20and%20take%20over%20the%20organisation.%3C%2FP%3E%3CP%3ESo%20I%20wondered%20if%20there%20is%20any%20alert%20one%20could%20subscribe%20when%20a%20new%20organisation%20is%20created%20with%20an%20AAD%20credential.%20This%20would%20allow%20an%20admin%20to%20step%20in%20and%20request%20that%20the%20ownership%20is%20handed%20to%20a%20corporate%20account.%26nbsp%3B%3C%2FP%3E%3CP%3EAs%20it%20is%20right%20now%2C%20even%20admins%20only%20see%20DevOp%20organisations%20where%20they%20are%20member%20of.%3C%2FP%3E%3CP%3ESo%20any%20features%2Fsuggestions%20with%20this%20regard%20are%20welcome.%20And%20I%20completely%20understand%20the%20DevOps%20approach%20of%20being%20as%20open%20as%20possible%20and%20not%20restricting%20access%20to%20a%20DevOps%20project.%20But%20from%20a%20data%20extraphilation%20point%20of%20view%2C%20this%20is%20potentially%20sub-optimal.%3C%2FP%3E%3CP%3EBest%3C%2FP%3E%3CP%3EMartin%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi,

I got redirected to here for a feature request or more information about the topic. Azure DevOps allows to extract a report with organisations where the AAD integration is active for authentication. Unfortunately it does not allow any central management for example when an employee who created a DevOps organisation left. The only option right now is to re-create the account, assume the identity and take over the organisation.

So I wondered if there is any alert one could subscribe when a new organisation is created with an AAD credential. This would allow an admin to step in and request that the ownership is handed to a corporate account. 

As it is right now, even admins only see DevOp organisations where they are member of.

So any features/suggestions with this regard are welcome. And I completely understand the DevOps approach of being as open as possible and not restricting access to a DevOps project. But from a data extraphilation point of view, this is potentially sub-optimal.

Best

Martin

0 Replies