I have a presentation recently on Continuous Integration Using Local Agents in Azure DevOps and one of the things I do in there is get a PAT for Azure DevOps to use in configuring an agent. This post shows how to do this, as I found this wasn’t obvious when I was searching out information.
Azure DevOps Organizations
In Azure DevOps, at the top level you have an organization. Here’s my way0utwest org.
In the lower left corner, there is this, which is somewhat hidden. As you can see, it’s next to the bottom projects in my org, just above my Windows bar.
If I click this, I have lots of settings. I have lots of different things. One would think this would be a place where I could create a PAT for my agent to connect with.
It’s not.
If I am setting up an Agent and need a PAT, I need to do to the upper right, under my user settings. This is the second from the right (as of Jan 2025) icon. If I click this, I see PATs.
Once I click Personal access tokens, I get to this screen. You can see my PATs and a “New” buton in the upper right. Click this to create a new token.
You get this screen. Apparently this token is only used to register the agent. I’ve usually granted this full access, but I haven’t dived too deep into what happens if I only limit rights. I’ll try that soon. As with any security issue, make sure you know the implications of settings.
Once you create this, you get a notice that you need to copy this now or lose it. There’s a handy copy button, so use it.
Summary
This is a quick post on creating tokens in Azure DevOps. As with any security change, make sure you know what the implications are for creating and using these.