Request access to Azure DevOps by e-mail notifications to administrators.

Why This Matters

If administrators can bypass the standard access request process by simply requesting access via email, your Azure DevOps organization loses visibility and control over who gains entry. Email-based approvals lack audit trails and automated enforcement, increasing the risk of unauthorized users obtaining permissions. This can lead to data breaches, accidental misconfigurations, or compliance violations.

What Aether365 Checks

This check verifies whether your Azure DevOps organization is configured to allow users to request access via email notifications to administrators rather than through an automated approval workflow. In the Aether365 dashboard, this check appears under the microsoft-365 section.

How to Fix

To remediate this issue, disable the option for users to request access by sending email notifications to administrators. Follow these steps: