Aether365

English

Deutsch
Français
Español
Nederlands
Türkçe
Italiano
Ελληνικά
Polski
Български
Čeština
Dansk
Eesti
Suomi
Magyar
Lietuvių
Latviešu
Norsk bokmål
Português
Română
Slovenčina
Slovenščina
Svenska
Українська

English

Deutsch
Français
Español
Nederlands
Türkçe
Italiano
Ελληνικά
Polski
Български
Čeština
Dansk
Eesti
Suomi
Magyar
Lietuvių
Latviešu
Norsk bokmål
Português
Română
Slovenčina
Slovenščina
Svenska
Українська

Appearance

(Organization) Restrict Personal Access Token creation.

Why This Matters

Personal Access Tokens (PATs) provide a powerful authentication method for Azure DevOps that bypasses normal interactive sign-in flows. When any organization member can create PATs without restrictions, the risk of credential leakage, lateral movement, and unauthorized access to your CI/CD pipelines increases significantly. Limiting PAT creation to only those who absolutely need it is a core security control for protecting your development infrastructure.

What Aether365 Checks

Aether365 verifies that your Azure DevOps organization has policies in place to restrict which users can create Personal Access Tokens. This check appears in your Aether365 dashboard under the microsoft-365 security category.

How to Fix

To restrict PAT creation for your Azure DevOps organization:

Was this page helpful?

© 2026 Aether365. All rights reserved.