Azure DevOps OAuth apps can access resources in your organization through OAuth.

Why This Matters

Azure DevOps OAuth apps can pose a security risk by gaining unauthorized access to your organization’s resources through OAuth tokens. If not properly controlled, these permissions may allow apps to read, modify, or exfiltrate sensitive data without explicit administrator oversight. Admins should monitor and revoke unnecessary OAuth app access to prevent potential data breaches or compliance violations.

What Aether365 Checks

Aether365 verifies whether Azure DevOps OAuth apps have been granted access to resources within your Microsoft 365 organization. This check appears in your Aether365 dashboard under the microsoft-365 checks category, ensuring you can quickly identify and manage these permissions.

How to Fix

To restrict or remove Azure DevOps OAuth app access, follow these steps: