Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure DevOps Services | Azure DevOps Server | Azure DevOps Server 2022
Build secure, scalable applications and services that integrate with Azure DevOps to access user resources and automate processes programmatically. Whether you create internal automation tools or build commercial products, Azure DevOps provides robust APIs and modern authentication options to support your integration needs.
Tip
You can use AI to help with Azure DevOps tasks. See Enable AI assistance with Azure DevOps MCP Server to get started.
Why integrate with Azure DevOps?
Azure DevOps integration enables you to:
Automate workflows
- Create and track bugs automatically from customer reports
- Monitor work items and display status on custom dashboards
- Sync data between Azure DevOps and external systems
- Generate reports and analytics from Azure DevOps data
Build commercial solutions
- Develop marketplace extensions for Azure DevOps customers
- Create SaaS products that integrate with Azure DevOps
- Build mobile apps that connect to Azure DevOps services
- Integrate Azure DevOps with enterprise systems
Getting started: Choose your path
Quick start options
| Need | Recommended approach | Best for |
|---|---|---|
| Simple automation | REST API with personal access tokens (PATs) | Scripts, personal tools |
| Production applications | .NET client libraries with managed identity | Enterprise apps, Azure-hosted services |
| Interactive applications | Microsoft Entra authentication | User-facing apps, desktop tools |
| Custom UI components | Azure DevOps extensions | Team customizations, marketplace products |
Authentication: Security first
Choose the right authentication method for your scenario.
Recommended for production:
- Managed Identity - For Azure-hosted applications (most secure)
- Service Principal - For CI/CD pipelines and automated services
- Microsoft Entra ID - For user-facing applications requiring OAuth flows
Quick development:
- Personal access tokens (PATs) - For testing and personal automation only
Avoid for production:
- Username/password authentication (deprecated)
- Hardcoded credentials in source code
- Overly broad permission scopes
Development approaches
REST API integration
Best for: Direct HTTP calls, platform-agnostic development, simple automation
**Key benefits:**
- Works with any programming language
- Full control over HTTP requests and responses
- Lightweight integration for simple scenarios
- Easy to debug and test
**Get started:**
- [Learn REST API basics](./how-to/call-rest-api.md)
- [Browse API reference](/rest/api/azure/devops/)
- [Try APIs in the browser](https://docs.microsoft.com/rest/api/azure/devops/)
.NET client libraries
Best for: C# applications, enterprise development, complex integrations
**Key benefits:**
- Strongly typed APIs with IntelliSense support
- Built-in retry logic and error handling
- Async/await patterns for better performance
- Production-ready authentication options
**Get started:**
- [.NET client library samples](./get-started/client-libraries/samples.md)
- [Authentication guidance](./get-started/authentication/authentication-guidance.md)
- [Client library concepts](./concepts/dotnet-client-libraries.md)
Event-driven integration
Best for: Real-time responses, webhook-based automation, external system synchronization
**Key benefits:**
- Real-time event notifications
- Reduced polling and improved efficiency
- Support for multiple event types
- Easy integration with external services
**Get started:**
- [Service hooks overview](../service-hooks/overview.md)
- [Webhook configuration guide](../service-hooks/services/webhooks.md)
- [Event reference documentation](../service-hooks/events.md)
Platform extensions
Best for: Custom UI components, team-specific features, marketplace products
**Key benefits:**
- Native integration with Azure DevOps UI
- Access to platform APIs and services
- Distribution through Visual Studio Marketplace
- Rich customization capabilities
**Get started:**
- [Extension development overview](../extend/overview.md)
- [Extension samples and tutorials](../extend/develop/samples-overview.md)
- [Marketplace publishing guide](../extend/publish/overview.md)
Architecture patterns
Recommended architectures
Microservices integration:
Azure Function/App Service → Managed Identity → Azure DevOps APIs
- Secure, serverless integration
- Automatic credential management
- Scalable and cost-effective
Enterprise application:
On-premises App → Service Principal → Azure DevOps REST APIs
- Certificate-based authentication
- Centralized credential management
- Audit logging and compliance
User-facing application:
Web/Mobile App → Microsoft Entra OAuth → Azure DevOps on behalf of user
- User consent flows
- Secure token management
- Granular permission control
Security and compliance
Security best practices
Authentication security:
- ✅ Use Microsoft Entra tokens instead of personal access tokens (PATs) for new integrations — Entra ID provides shorter token lifespans, automatic credential management, Conditional Access policy enforcement, and centralized auditing
- ✅ Use managed identities for Azure-hosted workloads to eliminate credential management entirely
- ✅ Use service principals for automation scenarios that can't use managed identities
- ✅ Implement proper token refresh logic
- ✅ Apply the principle of least privilege
- ✅ Enable audit logging for all API calls
- ✅ Restrict PAT creation with organization policies when possible
- ❌ Never commit credentials to source control
- ❌ Don't use overly broad PAT scopes
- ❌ Don't create long-lived PATs when short-lived Entra tokens work
Application security:
- Implement proper error handling and logging
- Use HTTPS for all communications
- Validate all input data
- Handle rate limiting gracefully
- Store sensitive data in Azure Key Vault
Compliance considerations:
- Review Azure DevOps security overview
- Understand data residency requirements.
- Implement proper access controls and auditing.
- Follow industry-specific compliance guidelines.
Resources and next steps
Essential documentation
Core concepts:
- Authentication guidance - Choose the right authentication method
- Microsoft Entra integration - OAuth and modern authentication patterns
- Integration best practices - Production-ready development patterns
API references:
- Azure DevOps REST API - Complete API documentation
- .NET client libraries - Managed client library information
- Service hooks reference - Event-driven integration
Code samples:
- .NET client samples - Production-ready C# examples
- Azure DevOps auth samples - Authentication examples
- Extension samples - Platform extension examples
Quick actions
Start building today:
- Set up authentication - Choose your auth method
- Try the REST API - Make your first API call
- Run client library samples - See working code examples
- Review security practices - Build securely from the start
Need help?
- Azure DevOps Developer Community - Ask questions and get help
- Stack Overflow - Community support and examples
- GitHub samples repository - Working code examples
Tip
New to Azure DevOps integration? Start with the authentication guidance to understand your options, then try the REST API quickstart to make your first successful API call.