Azure DevOps Wiki Microsoft Graph connector
The Azure DevOps Wiki Graph connector allows your organization to index wikis in its instance of the Azure DevOps service. After you configure the connector, end users can search for project wikis and code wikis from Azure DevOps in Microsoft Search.
Note
- Read the Setup for your Graph connector article to understand the general Graph connectors setup instructions.
This article is for anyone who configures, runs, and monitors an Azure DevOps Wiki Graph connector. It supplements the general setup process, and shows instructions that apply only for the Azure DevOps Wiki Graph connector.
Important
The Azure DevOps Wiki connector supports only the Azure DevOps cloud service. Azure DevOps Server 2019, TFS 2018, TFS 2017, TFS 2015, and TFS 2013 are not supported by this connector.
Before you get started
You must be the search admin for your organization's M365 tenant as well as the admin for your organization's Azure DevOps instance.
To allow the connector to connect to your Azure DevOps Organization, you must enable Third-party application access via OAuth. Refer Azure DevOps documentation to manage security policies to learn more.
You will need the following permissions granted to the user account whose credentials are used during the connector configuration:
| Permission name | Permission type | Required for |
|---|---|---|
| View project-level information | Project permission | Crawling Azure DevOps Work Items. This permission is mandatory for the projects that need to be indexed. |
Important
The user account must have Basic access level. To learn more about access levels in Azure DevOps, read supported access levels.
Step 1: Add a Graph connector in the Microsoft 365 admin center
Add Azure DevOps Wiki connector
Follow the general setup instructions.
Step 2: Name the connection
Follow the general setup instructions.
Step 3: Configure the connection settings
To connect to your Azure DevOps instance, you need your Azure DevOps account App ID and client secret for OAuth authentication.
Register an app
Register an app in Azure DevOps so that the Microsoft Search app can access the instance. To register the app, visit the link to register application. To learn more, see Azure DevOps documentation on how to register an app.
The following table provides guidance on how to fill out the app registration form:
| Mandatory Fields | Description | Recommended Value |
|---|---|---|
| Company Name | The name of your company. | Use an appropriate value |
| Application name | A unique value that identifies the application that you're authorizing. | Microsoft Search |
| Application website | The URL of the application that will request access to your Azure DevOps instance during connector setup. (Required). | For M365 Enterprise: https://gcs.office.com/, For M365 Government: https://gcsgcc.office.com/ |
| Authorization callback URL | A required callback URL that the authorization server redirects to. | For M365 Enterprise: https://gcs.office.com/v1.0/admin/oauth/callback, For M365 Government: https://gcsgcc.office.com/v1.0/admin/oauth/callback |
| Authorized scopes | The scope of access for the application | Select the following scopes: Identity (read), Code (read), Entitlements (Read), Project and team (read), Graph (read), MemberEntitlement Management (read), Wiki (read) |
Important
The authorized scopes selected for the app should exactly match the scopes listed above. If either more or less scopes are selected, authorization will fail.
On registering the app with the details above, you'll get the App ID and Client Secret that will be used to configure the connector.
Note
To revoke access to any app registered in Azure DevOps, go to User settings at the right top of your Azure DevOps instance. Select Profile and then select Authorizations in the Security section of the side pane. Hover over an authorized OAuth app to see the Revoke button at the corner of the app details.
Connection settings
After registering the Microsoft Search app with Azure DevOps, you can complete the connection settings step. Enter your App ID and Client secret.
Configure data: select organization, projects and fields
In this step, you specify the scope of data which you want to index using the Azure DevOps Wiki graph connector.
As the first step, you can choose the organization you want to index, out of all organizations you have access to. You can then choose for the connection to index either the entire organization or specific projects within the selected organization.
If you choose to index the entire organization, wikis in all projects in the organization will get indexed. New projects and wikis will be indexed during the next crawl after they're created.
If you choose to index individual projects, only wikis in the selected projects will be indexed.
Step 4: Manage search permissions
The Azure DevOps connector supports search permissions visible to Everyone. With the Everyone option, indexed data will appear in the search results for all users.
Step 5: Assign property labels
Follow the general setup instructions.
Step 6: Manage schema
Follow the general setup instructions.
Step 7: Choose refresh settings
The Azure DevOps Wiki connector supports refresh schedules for both full and incremental crawls. The recommended schedule is one hour for an incremental crawl and one week for a full crawl.
Step 8: Review connection
Follow the general setup instructions.
Step 9: Set up search result page
After publishing the connection, you need to customize the search results page with verticals and result types. To learn about customizing search results, review how to manage verticals and result types. You may also use the sample result layout for the Azure DevOps Wiki connector. Simply copy-paste the result layout JSON to get started.
Troubleshooting
The following are common errors observed while configuring the connector, or during crawling, and its possible reasons.
| Step | Error message | Possible reason(s) |
|---|---|---|
| Connection settings | Invalid Credentials detected. Try signing in with a different account or check the permissions for your account |
Third-party application access via OAuth may be disabled. Follow steps to manage security policies to enable OAuth. |
| Connection settings | Bad state message in OAuth pop-up window with URL stating error=InvalidScope |
Wrong scopes provided to the registered app. |
| Connection settings | 400 - Bad request message in OAuth pop-up window |
Incorrect App ID |
| Connection settings | BadRequest: Bad Request on api request message in OAuth pop-up window |
Incorrect Client secret |
| Crawl time (post connector configuration) | The account associated with the connector doesn't have permission to access the item. |
The registered app does not have any of the required OAuth scopes. |
| Crawl time (post connector configuration) | You don't have permission to access this data source. You can contact the owner of this data source to request permission. |
Third-party application access via OAuth is disabled. Follow steps to manage security policies to enable OAuth. |
| Crawl time (post connector configuration) | Credentials associated with this data source have expired. Renew the credentials and then update the connection |
The registered app may have been deleted or expired. |
| Crawl time (post connector configuration) | Item listed but no longer accessible or no longer exists |
The crawling account may be missing 'Basic' access level. Crawls fail with 'Stakeholder' access. |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for