Org Enablement - Update

Update the status of Advanced Security for the organization

PATCH https://advsec.dev.azure.com/{organization}/_apis/management/enablement?api-version=7.2-preview.1

URI Parameters

Name In Required Type Description
organization
path True

string

The name of the Azure DevOps organization.

api-version
query True

string

Version of the API to use. This should be set to '7.2-preview.1' to use this version of the api.

Request Body

Name Type Description
advSecEnabled

boolean

Advanced Security enablement status set to False when disabled and True when enabled; Null is never explicitly set.

advSecEnablementFeatures

AdvSecEnablementFeatures

Includes additional features that can be enabled alongside Advanced Security.

blockPushes

boolean

When true, pushes containing secrets will be blocked.
When false, pushes are scanned for secrets and are not blocked.
If includeAllProperties in the request is false, this value will be null.

enableOnCreate

boolean

Automatically enable Advanced Security on newly created repositories.

Responses

Name Type Description
200 OK

successful operation

Security

oauth2

Type: oauth2
Flow: accessCode
Authorization URL: https://app.vssps.visualstudio.com/oauth2/authorize&response_type=Assertion
Token URL: https://app.vssps.visualstudio.com/oauth2/token?client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer

Scopes

Name Description
vso.advsec_manage Grants the ability to access sarif upload information, delete analysis, and update alerts

Definitions

Name Description
AdvSecEnablementFeatures
AdvSecEnablementSettingsUpdate

AdvSecEnablementFeatures

Name Type Description
dependabotEnabled

boolean

Dependabot enablement status set to False when disabled and True when enabled; Null is never explicitly set.
When true, Dependabot will open PRs to support security updates for outdated dependencies.
Setting Dependabot enablement state is only supported for repo enablement and not org or project enablement at this time.

dependencyScanningEnabled

boolean

Dependency Scanning enablement status set to False when disabled and True when enabled; Null is never explicitly set.
If GHAzDO is NOT already enabled, behavior will depend on if GHAzDO is to be enabled/disabled. DependencyScanningEnabled will not affect anything in this scenario.
If GHAzDO is to be disabled, the value of DependencyScanningEnabled will have no effect.
Setting Dependency Scanning enablement state is only supported for repo enablement and not org or project enablement at this time.

AdvSecEnablementSettingsUpdate

Name Type Description
advSecEnabled

boolean

Advanced Security enablement status set to False when disabled and True when enabled; Null is never explicitly set.

advSecEnablementFeatures

AdvSecEnablementFeatures

Includes additional features that can be enabled alongside Advanced Security.

blockPushes

boolean

When true, pushes containing secrets will be blocked.
When false, pushes are scanned for secrets and are not blocked.
If includeAllProperties in the request is false, this value will be null.

enableOnCreate

boolean

Automatically enable Advanced Security on newly created repositories.