Security Namespaces - Query
List all security namespaces or just the specified namespace.
GET https://dev.azure.com/{organization}/_apis/securitynamespaces/{securityNamespaceId}?api-version=7.1GET https://dev.azure.com/{organization}/_apis/securitynamespaces/{securityNamespaceId}?localOnly={localOnly}&api-version=7.1URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
organization
|
path |
string |
The name of the Azure DevOps organization. |
|
|
security
|
path |
string uuid |
Security namespace identifier. |
|
|
api-version
|
query | True |
string |
Version of the API to use. This should be set to '7.1' to use this version of the api. |
|
local
|
query |
boolean |
If true, retrieve only local security namespaces. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
successful operation |
Security
accessToken
Personal access token. Use any value for the user name and the token as the password.
Type:
basic
Examples
| All security namespaces |
| Get the specified security namespace |
All security namespaces
Sample request
GET https://dev.azure.com/fabrikam/_apis/securitynamespaces?api-version=7.1
Sample response
{
"count": 10,
"value": [
{
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866",
"name": "Identity",
"displayName": "Identity",
"separatorValue": "\\",
"elementLength": -1,
"writePermission": 4,
"readPermission": 1,
"dataspaceCategory": "Default",
"actions": [
{
"bit": 1,
"name": "Read",
"displayName": "View identity information",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 2,
"name": "Write",
"displayName": "Edit identity information",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 4,
"name": "Delete",
"displayName": "Delete identity information",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 8,
"name": "ManageMembership",
"displayName": "Manage group membership",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 16,
"name": "CreateScope",
"displayName": "Create identity scopes",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
}
],
"structureValue": 1,
"extensionType": "Microsoft.TeamFoundation.Framework.Server.IdentitySecurityNamespaceExtension",
"isRemotable": false,
"useTokenTranslator": false
},
{
"namespaceId": "445d2788-c5fb-4132-bbef-09c4045ad93f",
"name": "WorkItemTrackingAdministration",
"displayName": "WorkItemTrackingAdministration",
"separatorValue": "\u0000",
"elementLength": -1,
"writePermission": 1,
"readPermission": 0,
"dataspaceCategory": "WorkItem",
"actions": [
{
"bit": 1,
"name": "ManagePermissions",
"displayName": "Manage permissions",
"namespaceId": "445d2788-c5fb-4132-bbef-09c4045ad93f"
},
{
"bit": 2,
"name": "DestroyAttachments",
"displayName": "Destroy attachments",
"namespaceId": "445d2788-c5fb-4132-bbef-09c4045ad93f"
}
],
"structureValue": 0,
"extensionType": null,
"isRemotable": false,
"useTokenTranslator": false
},
{
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba",
"name": "DistributedTask",
"displayName": "DistributedTask",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 8,
"readPermission": 1,
"dataspaceCategory": "DistributedTask",
"actions": [
{
"bit": 1,
"name": "View",
"displayName": "View",
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba"
},
{
"bit": 2,
"name": "Manage",
"displayName": "Manage",
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba"
},
{
"bit": 4,
"name": "Listen",
"displayName": "Listen",
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba"
},
{
"bit": 8,
"name": "AdministerPermissions",
"displayName": "Administer Permissions",
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba"
},
{
"bit": 16,
"name": "Use",
"displayName": "Use",
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba"
},
{
"bit": 32,
"name": "Create",
"displayName": "Create",
"namespaceId": "101eae8c-1709-47f9-b228-0e476c35b3ba"
}
],
"structureValue": 1,
"extensionType": "Microsoft.TeamFoundation.DistributedTask.Server.Extensions.TaskSecurityExtension",
"isRemotable": false,
"useTokenTranslator": false
},
{
"namespaceId": "71356614-aad7-4757-8f2c-0fb3bff6f680",
"name": "WorkItemQueryFolders",
"displayName": "WorkItemQueryFolders",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 8,
"readPermission": 1,
"dataspaceCategory": "WorkItem",
"actions": [
{
"bit": 1,
"name": "Read",
"displayName": "Read",
"namespaceId": "71356614-aad7-4757-8f2c-0fb3bff6f680"
},
{
"bit": 2,
"name": "Contribute",
"displayName": "Contribute",
"namespaceId": "71356614-aad7-4757-8f2c-0fb3bff6f680"
},
{
"bit": 4,
"name": "Delete",
"displayName": "Delete",
"namespaceId": "71356614-aad7-4757-8f2c-0fb3bff6f680"
},
{
"bit": 8,
"name": "ManagePermissions",
"displayName": "Manage Permissions",
"namespaceId": "71356614-aad7-4757-8f2c-0fb3bff6f680"
},
{
"bit": 16,
"name": "FullControl",
"displayName": "Full Control",
"namespaceId": "71356614-aad7-4757-8f2c-0fb3bff6f680"
}
],
"structureValue": 1,
"extensionType": null,
"isRemotable": false,
"useTokenTranslator": true
},
{
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87",
"name": "Git Repositories",
"displayName": "Git Repositories",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 8192,
"readPermission": 2,
"dataspaceCategory": "Git",
"actions": [
{
"bit": 1,
"name": "Administer",
"displayName": "Administer",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 2,
"name": "GenericRead",
"displayName": "Read",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 4,
"name": "GenericContribute",
"displayName": "Contribute",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 8,
"name": "ForcePush",
"displayName": "Force push (rewrite history and delete branches)",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 16,
"name": "CreateBranch",
"displayName": "Create branch",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 32,
"name": "CreateTag",
"displayName": "Create tag",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 64,
"name": "ManageNote",
"displayName": "Manage notes",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 128,
"name": "PolicyExempt",
"displayName": "Bypass policies when pushing",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 256,
"name": "CreateRepository",
"displayName": "Create repository",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 512,
"name": "DeleteRepository",
"displayName": "Delete repository",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 1024,
"name": "RenameRepository",
"displayName": "Rename repository",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 2048,
"name": "EditPolicies",
"displayName": "Edit policies",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 4096,
"name": "RemoveOthersLocks",
"displayName": "Remove others' locks",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 8192,
"name": "ManagePermissions",
"displayName": "Manage permissions",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 16384,
"name": "PullRequestContribute",
"displayName": "Contribute to pull requests",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 32768,
"name": "PullRequestBypassPolicy",
"displayName": "Bypass policies when completing pull requests",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 65536,
"name": "ViewAdvSecAlerts",
"displayName": "Advanced Security: view alerts",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 131072,
"name": "DismissAdvSecAlerts",
"displayName": "Advanced Security: manage and dismiss alerts",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
},
{
"bit": 262144,
"name": "ManageAdvSecScanning",
"displayName": "Advanced Security: manage settings",
"namespaceId": "2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87"
}
],
"structureValue": 1,
"extensionType": null,
"isRemotable": true,
"useTokenTranslator": false
},
{
"namespaceId": "4ae0db5d-8437-4ee8-a18b-1f6fb38bd34c",
"name": "Registry",
"displayName": "Registry",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 2,
"readPermission": 1,
"dataspaceCategory": "Default",
"actions": [
{
"bit": 1,
"name": "Read",
"displayName": "Read registry entries",
"namespaceId": "4ae0db5d-8437-4ee8-a18b-1f6fb38bd34c"
},
{
"bit": 2,
"name": "Write",
"displayName": "Write registry entries",
"namespaceId": "4ae0db5d-8437-4ee8-a18b-1f6fb38bd34c"
}
],
"structureValue": 1,
"extensionType": null,
"isRemotable": false,
"useTokenTranslator": false
},
{
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e",
"name": "VersionControlItems2",
"displayName": "VersionControlItems2",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 1024,
"readPermission": 1,
"dataspaceCategory": "VersionControl",
"actions": [
{
"bit": 1,
"name": "Read",
"displayName": "Read",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 2,
"name": "PendChange",
"displayName": "Pend a change in a server workspace",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 4,
"name": "Checkin",
"displayName": "Check in",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 8,
"name": "Label",
"displayName": "Label",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 16,
"name": "Lock",
"displayName": "Lock",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 32,
"name": "ReviseOther",
"displayName": "Revise other users' changes",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 64,
"name": "UnlockOther",
"displayName": "Unlock other users' changes",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 128,
"name": "UndoOther",
"displayName": "Undo other users' changes",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 256,
"name": "LabelOther",
"displayName": "Administer labels",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 1024,
"name": "AdminProjectRights",
"displayName": "Manage permissions",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 2048,
"name": "CheckinOther",
"displayName": "Check in other users' changes",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 4096,
"name": "Merge",
"displayName": "Merge",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
},
{
"bit": 8192,
"name": "ManageBranch",
"displayName": "Manage branch",
"namespaceId": "3c15a8b7-af1a-45c2-aa97-2cb97078332e"
}
],
"structureValue": 1,
"extensionType": "Microsoft.TeamFoundation.VersionControl.Server.PlugIns.RepositorySecurityNamespaceExtension",
"isRemotable": true,
"useTokenTranslator": true
},
{
"namespaceId": "2bf24a2b-70ba-43d3-ad97-3d9e1f75622f",
"name": "EventSubscriber",
"displayName": "EventSubscriber",
"separatorValue": ":",
"elementLength": -1,
"writePermission": 2,
"readPermission": 1,
"dataspaceCategory": "Default",
"actions": [
{
"bit": 1,
"name": "GENERIC_READ",
"displayName": "View",
"namespaceId": "2bf24a2b-70ba-43d3-ad97-3d9e1f75622f"
},
{
"bit": 2,
"name": "GENERIC_WRITE",
"displayName": "Edit",
"namespaceId": "2bf24a2b-70ba-43d3-ad97-3d9e1f75622f"
}
],
"structureValue": 1,
"extensionType": null,
"isRemotable": false,
"useTokenTranslator": false
},
{
"namespaceId": "5a6cd233-6615-414d-9393-48dbb252bd23",
"name": "WorkItemTrackingProvision",
"displayName": "WorkItemTrackingProvision",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 1,
"readPermission": 0,
"dataspaceCategory": "WorkItem",
"actions": [
{
"bit": 1,
"name": "Administer",
"displayName": "Administer",
"namespaceId": "5a6cd233-6615-414d-9393-48dbb252bd23"
},
{
"bit": 2,
"name": "ManageLinkTypes",
"displayName": "Manage work item link types",
"namespaceId": "5a6cd233-6615-414d-9393-48dbb252bd23"
}
],
"structureValue": 1,
"extensionType": "Microsoft.TeamFoundation.WorkItemTracking.Server.WitProvisionSecurityExtension",
"isRemotable": false,
"useTokenTranslator": true
},
{
"namespaceId": "49b48001-ca20-4adc-8111-5b60c903a50c",
"name": "ServiceEndpoints",
"displayName": "ServiceEndpoints",
"separatorValue": "/",
"elementLength": -1,
"writePermission": 2,
"readPermission": 0,
"dataspaceCategory": "Default",
"actions": [
{
"bit": 1,
"name": "Use",
"displayName": "Use Endpoint",
"namespaceId": "49b48001-ca20-4adc-8111-5b60c903a50c"
},
{
"bit": 2,
"name": "Administer",
"displayName": "Administer Endpoint",
"namespaceId": "49b48001-ca20-4adc-8111-5b60c903a50c"
},
{
"bit": 4,
"name": "Create",
"displayName": "Create Endpoint",
"namespaceId": "49b48001-ca20-4adc-8111-5b60c903a50c"
},
{
"bit": 8,
"name": "ViewAuthorization",
"displayName": "View Authorization",
"namespaceId": "49b48001-ca20-4adc-8111-5b60c903a50c"
},
{
"bit": 16,
"name": "ViewEndpoint",
"displayName": "View Endpoint",
"namespaceId": "49b48001-ca20-4adc-8111-5b60c903a50c"
}
],
"structureValue": 1,
"extensionType": null,
"isRemotable": false,
"useTokenTranslator": true
}
]
}Get the specified security namespace
Sample request
GET https://dev.azure.com/fabrikam/_apis/securitynamespaces/5a27515b-ccd7-42c9-84f1-54c998f03866?api-version=7.1
Sample response
{
"count": 1,
"value": [
{
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866",
"name": "Identity",
"displayName": "Identity",
"separatorValue": "\\",
"elementLength": -1,
"writePermission": 4,
"readPermission": 1,
"dataspaceCategory": "Default",
"actions": [
{
"bit": 1,
"name": "Read",
"displayName": "View identity information",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 2,
"name": "Write",
"displayName": "Edit identity information",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 4,
"name": "Delete",
"displayName": "Delete identity information",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 8,
"name": "ManageMembership",
"displayName": "Manage group membership",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
},
{
"bit": 16,
"name": "CreateScope",
"displayName": "Create identity scopes",
"namespaceId": "5a27515b-ccd7-42c9-84f1-54c998f03866"
}
],
"structureValue": 1,
"extensionType": "Microsoft.TeamFoundation.Framework.Server.IdentitySecurityNamespaceExtension",
"isRemotable": false,
"useTokenTranslator": false
}
]
}Definitions
| Name | Description |
|---|---|
|
Action |
|
|
Security |
Class for describing the details of a TeamFoundationSecurityNamespace. |
ActionDefinition
| Name | Type | Description |
|---|---|---|
| bit |
integer |
The bit mask integer for this action. Must be a power of 2. |
| displayName |
string |
The localized display name for this action. |
| name |
string |
The non-localized name for this action. |
| namespaceId |
string |
The namespace that this action belongs to. This will only be used for reading from the database. |
SecurityNamespaceDescription
Class for describing the details of a TeamFoundationSecurityNamespace.
| Name | Type | Description |
|---|---|---|
| actions |
The list of actions that this Security Namespace is responsible for securing. |
|
| dataspaceCategory |
string |
This is the dataspace category that describes where the security information for this SecurityNamespace should be stored. |
| displayName |
string |
This localized name for this namespace. |
| elementLength |
integer |
If the security tokens this namespace will be operating on need to be split on certain character lengths to determine its elements, that length should be specified here. If not, this value will be -1. |
| extensionType |
string |
This is the type of the extension that should be loaded from the plugins directory for extending this security namespace. |
| isRemotable |
boolean |
If true, the security namespace is remotable, allowing another service to proxy the namespace. |
| name |
string |
This non-localized for this namespace. |
| namespaceId |
string |
The unique identifier for this namespace. |
| readPermission |
integer |
The permission bits needed by a user in order to read security data on the Security Namespace. |
| separatorValue |
string |
If the security tokens this namespace will be operating on need to be split on certain characters to determine its elements that character should be specified here. If not, this value will be the null character. |
| structureValue |
integer |
Used to send information about the structure of the security namespace over the web service. |
| systemBitMask |
integer |
The bits reserved by system store |
| useTokenTranslator |
boolean |
If true, the security service will expect an ISecurityDataspaceTokenTranslator plugin to exist for this namespace |
| writePermission |
integer |
The permission bits needed by a user in order to modify security data on the Security Namespace. |