Request a permission increase

Azure DevOps Services | Azure DevOps Server 2022 - Azure DevOps Server 2019

To access certain tasks, you might need to request higher permissions or be assigned to a specific security role. This scenario typically occurs when you encounter an informational or error message indicating insufficient permissions, which specify the required permission levels.

Common permissions to request

Most members of the Contributors group have the permissions they need to perform most tasks. However, the following tasks require membership in the Project Administrators group or a change in permissions.

The following tasks require membership in the Project Collection Administrators group or a change in permissions at the collection-level or addition to a specific role.

  • Collection-level configurations:
    • Create projects: Requires elevated permissions at the collection level.
    • Add, edit, or manage a process: Requires elevated permissions at the collection level or process-level permissions.
    • Install, uninstall, or disable extensions: Requires addition to the Manager role for extensions.

For an overview of built-in security groups and default permission assignments, see Default permissions and access.

Prerequisites

Note

Users added to the Project-scoped users group don't have access to Organization settings other than the Overview section if the Limit user visibility and collaboration to specific projects preview feature is enabled for the organization. For more information including important security-related call-outs, see Manage your organization, Limit user visibility for projects and more.

Review your permission assignments

Before you request a change to permission levels, review your permission assignments as described in View permissions for yourself or others.

Verify that your permission assignments are preventing you from accomplishing a task you need to perform.

Request a change to a permission level or role change

To request a change or increase in your permission levels, take the following actions:

  1. Identify the permissions you need and at what level. Permissions are set at the object, project, and project-collection level. Also, permissions are granted through various roles. To identify the level and permission you need, review the Permissions lookup guide.

  2. Identify a person in your organization who can grant you the permissions you need. For example:

  3. Contact the person you identified in step 2 and make your request. Make sure you specify the permission you want changed.

Refresh or reevaluate your permissions

After your permission levels get changed, you might need to refresh your permissions for Azure DevOps to recognize the updates. This step is recommended when:

  • Permission or role changes: Your permission level or role was modified.
  • Security group modifications: You were added to a new or different security group in Azure DevOps, Microsoft Entra ID, or Active Directory.

Getting added to a new security group can alter your inherited permissions.

Refresh your permissions, which prompts Azure DevOps to reevaluate your permission assignments immediately. If you don't refresh, your permission assignments don't update until you sign out, close your browser, and sign back in.

Reevaluate permissions control