Provide user-level access to projects for developers

Team members must have access to a specific Microsoft Dev Box project before they can create dev boxes. By using the built-in DevCenter Dev Box User role, you can assign permissions to Active Directory users or groups at the project level.


Microsoft Dev Box doesn't support the use of guest accounts or Microsoft accounts.

A DevCenter Dev Box User can:

  • View pools within a project.
  • Create dev boxes.
  • Connect to a dev box.
  • Manage dev boxes that they created.
  • Delete dev boxes that they created.

Assign permissions to dev box users

  1. Sign in to the Azure portal.

  2. In the search box, enter projects. In the list of results, select Projects.

  3. Select the project that you want to give your team members access to.

    Screenshot that shows a list of existing projects.

  4. On the left menu, select Access Control (IAM).

  5. Select Add > Add role assignment.

  6. Assign the following role. For detailed steps, see Assign Azure roles using the Azure portal.

    Setting Value
    Role Select DevCenter Dev Box User.
    Assign access to Select User, group, or service principal.
    Members Select the users or groups that you want to have access to the project.

    Screenshot that shows the pane for adding role assignments.

The users can now view the project and all the pools within it. Dev box users can create dev boxes from any of the pools and manage those dev boxes from the developer portal.


A dev box is automatically started and running when the creation process finishes. Dev boxes incur costs whenever they're running.

Next steps