Removing Azure Resource Manager reliance on Azure DevOps sign-ins - Azure DevOps Blog

from Azure DevOps Blog 1 month ago

Azure DevOps will no longer require the Azure Resource Manager audience for sign-ins and token refreshes beginning on July 28, 2025. This change allows for better management of Azure DevOps access through tailored Conditional Access Policies (CAPs), instead of relying on broader ARM CAPs. Administrators must transition from existing CAPs that cover ARM or associated applications to new, Azure DevOps-specific CAPs to ensure continued access coverage for Azure DevOps users. Clear guidelines are provided for creating these new policies within the Azure portal.

With the new update, Azure DevOps will no longer depend on the Azure Resource Manager, allowing for effective management of Azure DevOps access via specific Conditional Access Policies.

Azure DevOps no longer requires the ARM audience for token refresh flows, meaning administrators no longer need to allow all Azure DevOps users to bypass ARM-based Conditional Access.

Read at Azure DevOps Blog

#azure-devops #conditional-access #microsoft-entra #azure-resource-manager #access-management

Collection

[

...

]

Removing Azure Resource Manager reliance on Azure DevOps sign-ins - Azure DevOps BlogRemoving Azure Resource Manager reliance on Azure DevOps sign-ins - Azure DevOps Blog Briefly

Removing Azure Resource Manager reliance on Azure DevOps sign-ins - Azure DevOps Blog
Removing Azure Resource Manager reliance on Azure DevOps sign-ins - Azure DevOps Blog
Briefly