Azure DevOps

​

Setup Guide

You can find your Azure DevOps application credentials by visiting your Microsoft Azure Portal.

You’ll need the following information to set up your Azure DevOps App with Paragon Connect:

• Client ID
• Client Secret
• Scopes Requested

​

Add the Redirect URL to your Azure DevOps app

Paragon provides a redirect URL to send information to your app. To add the redirect URL to your Azure DevOps app:

1. Copy the link under “Redirect URL” in your integration settings in Paragon. The Redirect URL is:

https://passport.useparagon.com/oauth

2. Log in to the Microsoft Azure Portal using your Microsoft account.

3. Navigate to All Services > App Registrations and select your application.

4. Select Authentication from the sidebar.

5. Under Platform configurations, press the “Add a platform” button.

6. Select the Web platform.

7. Paste the Redirect URL from Step 1 under Redirect URIs.

8. Press the Save button at the top of the page.

​

Generate a Client Secret

Since Azure DevOps does not automatically provide you with a Client Secret for your application, we’ll need to make one. To get your Client Secret:

1. Navigate to Manage > Certificates & secrets in the sidebar.

2. Under Client Secrets, press the + New client secret button.

3. Name your client credentials and select an expiry that works best for your application. Press Add to create your credentials.

4. Copy the displayed Client Secret under the Value column.

​

Add your Azure DevOps app to Paragon

Under Integrations > Connected Integrations > Azure DevOps > Settings, fill out your credentials from the end of Step 1 in their respective sections:

• Application Type: Select your OAuth 2.0 provider. If you are configuring the Azure DevOps integration for the first time, select Microsoft Entra ID App. Learn more at selecting your OAuth2 provider.
• Client ID: Found under Essentials > Application (client) ID on your Microsoft Azure Portal app page.
• Client Secret: Found under Manage > Certificates & secrets on your Microsoft Azure Portal app page.
• Permissions: Select the scopes you’ve requested for your application. For a list of recommended scopes, please view this integration within your Paragon dashboard. View dashboard.

​

Connecting to Azure DevOps

Once your users have connected their Azure DevOps account, you can use the Paragon SDK to access the Azure DevOps API on behalf of connected users.

See the Azure DevOps REST API documentation for their full API reference.

Any Azure DevOps API endpoints can be accessed with the Paragon SDK as shown in this examples

// You can find your project ID in the Overview tab of any Integration

// Authenticate the user
paragon.authenticate(<ProjectId>, <UserToken>);
          
// Get Project List
await paragon.request("azuredevops", "/projects?api-version=5.0", {
  method: “GET”,
});

​

Building Azure DevOps workflows

Once your Azure DevOps account is connected, you can add steps to perform the following actions:

• Search Work Items
• Create Work Item
• Update Work Item
• Delete Work Item

When creating or updating work items in Azure DevOps, you can reference data from previous steps by typing {{ to invoke the variable menu.

​

Selecting your Azure DevOps OAuth2 Provider

When setting up the Azure DevOps integration for the first time, select Azure Entra ID App as the application type. You will obtain the required Client ID and Client Secret directly from the Azure Portal.

The Azure DevOps OAuth App option is only available to users who created the application prior to the announcement.

​

Migrating from Azure DevOps OAuth provider into Entra ID

Microsoft has announced that as of April 23, 2025, the Azure DevOps OAuth app platform is no longer accepting new app registrations. And the Azure DevOps Oauth Platform will be retired later in 2026.

1. Follow the steps described in Step 1.
2. In your Paragon dashboard, reconfigure the integration following the steps described in Add your Azure DevOps app to Paragon. Select Microsoft Entra ID App as the Application Type.