How do I enable Auditing for my organization on Azure DevOps?
You can enable auditing in your organization by going to your organization settings page.
In the right sidebar, you will find the policies below the Security heading. Assuming your company is supported by the Azure Active Directory, you should see that “Log Audit Events” is one of the enforceable security policies.
Change this policy and your application will now be audited in the right sidebar. (If it does not appear immediately, refresh the page and it should be available.)
If you no longer want to receive censorship events, disable the Enable Audit button. If the button is toggled, the audit page will not appear in the sidebar and the audit logs page will not be available. All built-in audit streams will stop receiving events.
Throughout this year, we will continue our work in auditing any visible changes in the data sent to your streams or improving the basic consistency and reliability. Opt-in to Auditing on Azure DevOps.
On our Azure DevOps blog, keep an eye out for updates on our documentation, as well as through our release notes and, as always, reflect the latest audit status.
Auditing is now an opt-in feature for your organization
Auditing has now become a feature of Azure DevOps. If your company is not actively using auditing today (i.e. has visited audit records at least twice in the last 90 days or has a built-in audit stream), you should explicitly enable the audit feature to begin doing so. Once turned on, audit events will be added to your company’s audit record. For companies that are active in auditing, this feature is enabled. Git repository creations, permission changes, resource deletions, code downloads, accessing the auditing feature, and much more.
You can enable auditing in your organization from your organizational settings page.
In the right sidebar, you will find the policies below the Security heading. If you consider your company to be supported by the Azure Active Directory, you should consider one of the available security policies for running registered audit events. MSA-backed companies no longer have audit features available.
Enable this policy and the audit should be available now (if it does not appear immediately, refresh the page and it will be available). If you no longer want to receive censorship events, disable the button. If the button is toggled, the audit page will not appear in the sidebar and the audit logs page will not be available. All built-in audit streams will stop receiving events.
Fixed looping login issue due to incorrectly configured IP conditional access policies
We fixed a problem reported by some users who encountered looping issues while trying to sign in to Azure DevOps.
This has happened to users in companies belonging to tenants who accept only IPv4 restrictions and/or configure conditional access policies that prevent IPv6 addresses from being misused. The looping issue has been resolved and affected users should now see an error message explaining the failure of the IP-based Structured Accessibility Policies (CAP) verification. The recommended action is for the user to ask their AAD administrator to confirm that their IPv6 addresses are included in the whitelist (s).
Guest users will only see public user data
If the external guest access policy is disabled and the public projects access policy is enabled, guest users can only view public user data, such as the display name for members of public projects. This is the same experience offered to anonymous users. This applies to personal data available through the Internet experience (e.g. in the identity selection that appears when a user tries to specify another user or assign task items) and personal data available through our REST APIs.
