Individuals who have company email which is added to an organization's Azure Active Directory can create their own personal Azure DevOps organizations using the company email. But, Azure DevOps has a feature to restrict creating Azure DevOps organizations using organization's email. As explained in the previous blog (Making Personal Access Token More Secure in Azure DevOps), Add "Azure DevOps administrator" user role to the Azure DevOps admin user to enable the feature.
Go to Azure Active Directory Section of Organizations settings page of Azure DevOps to enable the feature.
Following feature allows you to enable the policies to restrict the organization creation permission from all the users but Admin and Azure DevOps administrators. If you need to allow new organization creation to any user other than admin users, you can add them under allow list. Also, you can edit the message which shows to the restricted users if they try to create a new organization using company email account.
No comments:
Post a Comment