Service Principal Permission Management in Azure DevOps (ADO)
Jonathan Gruber
Description
Enable Port to manage Service Principal permissions in Azure DevOps, not just Personal Access Tokens. This will let teams govern both human and machine access from Port, reduce manual ADO configuration, and improve compliance for enterprise customers.
Impact
Closes a key governance gap in ADO integration.
J
Jay Williams
Per Microsoft's own KB for use of PAT's - Avoid using PATs when a more secure authentication method is available. PATs carry inherent security risks because they're long-lived credentials that can be leaked, stolen, or misused. Use Microsoft Entra tokens, managed identities, or service principals instead whenever possible.
https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows