LogoLogo
Visit PullRequest.comApp Dashboard
  • Welcome to HackerOne Code!
  • Frequently Asked Questions
    • Supported Integrations
    • What to Expect
      • How to Get More Out of Code Review
  • Getting Started
    • Supported Languages
    • Create an Account
  • Cloud Integrations
    • Adding GitHub Repositories
    • Adding Bitbucket Repositories
    • Adding GitLab Projects
    • Adding Azure DevOps Repositories
  • On-Premise Integration
  • On-Premise Support
  • Assign Code Reviews to PullRequest Network
    • Assigning Reviews to HackerOne Code
    • Code Review Statuses
    • Collaborating with HackerOne Reviewers
    • Rating Reviews
    • Requesting Code Review for bulk files and projects
  • Code Review Settings
    • Advanced Review Settings
    • Project Notes Access
    • Repository Search
    • PullRequest Approval
    • Exclude Files from HackerOne Review
  • Metrics
    • Benchmarks
    • Terms
Powered by GitBook
On this page
  • Step 1: Invite the PullRequest posting user
  • Step 2: Create a user account by authenticated with Azure DevOps
  • Step 3: Authorize and Sync Organization Projects
  • Required Permissions
  • Step 4: Installing the PullRequest Azure DevOps app
  • Step 5: Select Repositories
  • Step 6: View Repositories
  • Step 7: Verify the posting user has been added
  1. Cloud Integrations

Adding Azure DevOps Repositories

This guide includes adding a PullRequest user to your Organization, authorizing your Azure DevOps account with PullRequest, installing and syncing your repositories.

PreviousAdding GitLab ProjectsNextOn-Premise Support

Last updated 1 month ago

Step 1: Invite the PullRequest posting user

NOTE: If your organization uses the access management service, please let your HackerOne implementation or accounts contact know.

In order for our system to post feedback to your Azure pull requests, a posting user must be added to your team.

Open your Azure DevOps Organization Settings and click Users -> Add Users

In the Users field, add: azure@pullrequest.com

If you've coordinated with your HackerOne team to use an alternate service user which has already been created, this step is not required. Ensure that the service user has been added to that cover scope of repositories that will utilize the service.

The user will need Basic access and will need to be added to all of the Projects you'll need review coverage on.

If possible, we recommend selecting Add all Project access so there's no disruption in service as coverage is needed. You'll be able to maintain control for restricting and enabling service for certain repositories through our dashboard (see ).

Once the user is aded, an invitation will be sent to the HackerOne implementation team to accept.

Step 2: Create a user account by authenticated with Azure DevOps

We recommend logging into Azure DevOps in your browser prior to this step.

Step 3: Authorize and Sync Organization Projects

You'll then be prompted to authorize your Microsoft account with PullRequest, click Accept.

Required Permissions

Our integration adheres to the principle of least privilege, ensuring that it only has the access necessary to perform its intended function—providing valuable insights in pull request discussions. Here are the permissions we require and how we use them.

The vso.code.status scope is required to create and get statuses associated with a pull request or an iteration. This is necessary for our system to post back results of automated scans and communicate workflow state to end-users in the Azure DevOps interface.

To keep project, repository and team information up-to-date in our dashboard tools, the service requires the vso.project Project and Team scope.

Dashboard visibility and access to configuration settings in our dashboard are based on the end-user's permissions in Azure DevOps. Our system relies on the vso.graph Graph & Identity scope to ensure access within the service is based on access within Azure DevOps and is always up-to-date.

Step 4: Installing the PullRequest Azure DevOps app

After authorizing with your Microsoft account, you'll be directed to a page to select which Azure DevOps Organization you want to install PullRequest on.

NOTE: Some Microsoft user accounts are treated like as Organization and will be shown in this list. It's likely you'll need to connect to your company's Organization instead of your Microsoft username (see below).

Step 5: Select Repositories

You'll be asked to allow PullRequest to access All repositories or Only select repositories.

PullRequest recommends selecting the All repositories option so you won't need to repeat this step each time your team creates a new repository.

After you've made your selection, click the Connect button.

Step 6: View Repositories

Step 7: Verify the posting user has been added

Before sending code reviews to the PullRequest network, a member of the PullRequest team will need to accept the invitation sent in step 1 to add the PullRequest posting user.

You'll be able to confirm this when the azure PullRequest user is displayed with the PullRequest logo as an avatar in your Organization Settings screen.

If you haven't already, visit and create a user account by authenticating with Azure DevOps.

After , you'll be prompted to authorize and connect with a version control hosting provider. Click the Sync with Azure DevOps option.

Required Permissions for Azure DevOps Integration To enable our service to post comments on pull requests in your Azure DevOps repositories, it requires the vso.code_write Code scope. It includes the ability to "create and manage code reviews" - this is necessary for posting pull request comments and interacting with discussion threads.

Our service never updates or deletes source code in your repository. The write permission is used exclusively for adding and interacting with comments to pull requests. Our integration only makes API calls related to commenting and DOES NOT execute any code-modifying operations.

Your repositories should now appear on the PullRequest page when the Azure DevOps Organization is selected from the Organizations drop-down menu at the top-left portion of the screen.

https://app.pullrequest.com/signup
signing up
Code (read and write)
Code (status)
Graph (read)
dashboard
Azure Active Directory (Azure AD)
Project Team(s)
Step 5
Be sure to select the Azure DevOps Organization your team uses rather than your Microsoft username.
Project and team (read)