Issue with Service User Permissions in Azure DevOps When Fetching Work Items by Custom Field

Agoston Nyeste 0 Reputation points


I am encountering an issue with service user permissions in Azure DevOps (ADO) that I hope someone can help clarify. We have an organization in ADO containing multiple projects. In our workflow, we utilize an API call to collect work items based on a specific custom field.

Previously, we authenticated these API calls with a Personal Access Token (PAT), and everything functioned as expected. However, after switching to a service user for authentication, we started facing a problem in one specific project ("Project B").

Issue: When attempting to collect a work item based on its custom field value ("custom_value") in Project B, the API does not return the correct items. Instead, it fetches work items with the same custom field from Project A. These items from Project A should not be included in the results for Project B. The service account has Project Administrator role in Project B and it seems to be only appearing in this project.

The POST request:

The body:


"query": "SELECT [System.ID] FROM WorkItems WHERE [Custom.VersionforRMBot] CONTAINS 'custom_field' ORDER BY [Microsoft.VSTS.Common.Priority] ASC, [System.CreatedDate] DESC"


Could there be a specific configuration or permission setting within Project B that I might be overlooking?

Thank you in advance for your help!

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
36,526 questions
{count} votes