Default Git repository and branch permissions

Azure DevOps Services | Azure DevOps Server 2022 - Azure DevOps Server 2019

After you've been added as a team member, you are a member of the Contributors group. This membership allows you to contribute to a Git repository. The most common built-in groups include Readers, Contributors, and Project Administrators. These groups are assigned default permissions for contributing to a branch or repository.

Permission

Readers

Contributors

Build Admins

Project Admins


Read (clone, fetch, and explore the contents of a repository); also, can create, comment on, vote, and Contribute to pull requests

✔️

✔️

✔️

✔️

Contribute, Create branches, Create tags, and Manage notes

✔️

✔️

✔️

Create repository, Delete repository, and Rename repository

✔️

Edit policies, Manage permissions, Remove others' locks

✔️

Bypass policies when completing pull requests, Bypass policies when pushing, Force push (rewrite history, delete branches and tags)
(not set for any security group)


To change permissions or set policies for Git repositories or branches, see the following articles: