In a continuation of a long running series, here is a scope dump from TFS Azure DevOps 2025H2, the latest as of the time of writing. Again, some endpoints might be cloud only.
Thursday, January 8, 2026
OAuth scopes in Azure DevOps 2025H2
Tuesday, May 28, 2024
They are eating their own dog food
The built-in build/release tasks of TFS Azure DevOps have manifests, too. And those manifests are right there in the database!
Friday, May 17, 2024
Punished for spelling out
Amazing discovery/public service announcement of the day: between v15 and v16 of the Azure DevOps' .NET client API, the definition of GitHttpClient and its base (where most of the methods are) underwent some changes that might be breaking.
Saturday, April 13, 2024
I want to break free
Sometimes, one has release tasks in Azure DevOps (formerly known as TFS) that don't complete synchronously.
Wednesday, August 31, 2022
Project vs. collection
Some time ago, I've discussed the identity of the account that TFS agent jobs are using to connect back to TFS via the distributedTask PowerShell context variable, or the equivalent System.AccessToken release variable. Back at the time, I've concluded that the identity behind that token was "Build Service (CollectionName)". Well, just today I've encountered a case where a release was running under a different identity - "ProjectName Build Service (CollectionName)". Both coexist.
Tuesday, October 26, 2021
Sequential vs. semantic
This is about the naming of releases in Azure DevOps (formerly known as TFS and VSTS). The default pattern of release names has been, as long as I can remember, sequential within the definition's scope: "Release 1", "Release 2", etc. That's been a minor pet peeve of mine for a while, and now we've come up with a technique to change this format to something more informative. Specifically, one can name releases with respect to the current product version, as every reasonable project team would want to.
Wednesday, December 2, 2020
OAuth scopes in Azure DevOps 2020
Friday, July 31, 2020
It's AzDevOps all the way down
Wednesday, April 22, 2020
c:\>TFS
Friday, October 18, 2019
Select from TFVC
So I have an innocent desire to run a report off the content of some files in source control. The question is, how are they stored? There are four tables of interest:
Friday, May 31, 2019
Internal extensions in TFS
use Tfs_Configuration;
select p.DisplayName, p.PublisherName, e.ExtensionName,
e.DisplayName, e.ShortDescription, cast(Content as varchar(max)) as Content
from Gallery.tbl_Asset a
inner join Gallery.tbl_Extension e on a.ReferenceID=e.ExtensionId
inner join Gallery.tbl_Publisher p on e.PublisherId = p.PublisherId
inner join tbl_FileReference r on a.FileId = r.FileId
inner join tbl_Content c on r.ResourceId = c.ResourceId
where AssetType = 'Microsoft.VisualStudio.Services.Manifest'
order by e.ExtensionName, a.Version desc
I can see multiple versions of the same extension there, my TFS instance went through several version upgrades; on a freshly installed copy there would probably be only one.
Let me know, TFS
Monday, March 25, 2019
OAuth scopes in TFS 2019
The same caveat applies: some of those might be cloud only.
TFS 2019 and commitment issues
Let me count the ways things broke:
Friday, December 28, 2018
Federating TFS tables across collections
Monday, May 21, 2018
Constrained and dignified
I was facing a minor usability issue. We have an extension with several custom menu commands for release
Monday, April 30, 2018
All TFS clients
Friday, April 27, 2018
Who am I and what are my rights (in TFS)?
string Scopes = new System.IdentityModel.Tokens.JwtSecurityToken(Token).Payload["scp"];
There's a sample gist for that.
Friday, March 16, 2018
All OAuth scopes in TFS 2018.1
Now I have a TFS 2018 update 1 instance, and here's the OAuth scope dump for that version. Notable addition: wiki.
UPDATE: same for
The same caveat applies: some of those endpoints might be VSTS-only.