Team Foundation Server (TFS) setup

Tags: Flow

This is a step-by-step guide to connect your TFS account to Flow.

For a successful connection:

  • Allowlist Flow's static IP addresses on port 443 over HTTPS.
  • Have an SSL certificate that uses a public certificate authority.
  • Have a public DNS record pointing to the IP address exposed for Flow analysis.

Who can use this?



Important: Use a service account to create this Integration. Learn more about Creating a service account.

Permission requirements

To use all integration services such as repos, pull requests, tickets, and webhooks, ensure the following:

  • Review the personal access token scopes outlined below. 

  • The service account is a Project Collection Administrator at the organizational level. 

To enable webhooks, the service account needs to be a Project Collection Administrator and have at least one repository imported from a project.

If you do not need webhooks, allow the View instance-level information permission to establish a connection and import repos. Add your service account to each project you want to import into Flow.

back to top

TFS Version requirements

To integrate with Flow, your TFS version must be 2018 or higher.

back to top

TFS configuration

To connect your TFS account, create a new integration.

To create an integration:

  1. Click Settings in the top navigation.
  2. In the left navigation under Integrations, click Integrations.
  3. Click the Add Integration button in the top right corner of the integrations page.

  4. Select TFS from the Integration Provider list.

  5. Input your email, password, personal access token, and base URL of the service account. The base URL looks like: https://{your_TFS_domain}/{yourorganization}

Creating a personal access token

To create a personal access token in TFS:

  1. Click Security under your gravatar menu.

  2. On the Personal access token page, click Add.

  3. Fill in the following information for your new personal access token:

    • Description
    • Expiration date
    • Select the following minimum scopes to connect your account:
      • Code (read)
      • Code (search)
      • Identity (read)
      • Project and team (read)
      • Service Endpoints (read and query)
      • User profile (read)
      • Work items search (read)
      • Work items (read)

  4. Click Create.

back to top

Finishing up

Now that you have created a personal access token you can complete your integration setup in Flow.

  1. Copy your access token and paste it into Flow's Personal Access Token field. 

  2. Click Test connection.

  3. If the connection was successful you will see a success message.

    If the connection was not successful, verify your credentials and access token, then try again.
  4. Once you have successfully connected to your TFS account, click Next.
  5. Select the services you want turned on for this Integration by toggling them on or off. If you would like to import pull request and ticket data in addition to repo data, then leave all services on. You can turn services on and off at any time. Click Next.

  6. Name your integration to identify the account you connected. Click Create. You have successfully created a new TFS integration.

  7. To import your repos, go to your repo import page. Click the repo import page link. Learn more about Managing integrations

back to top


If you are unable to get your integration setup, see the troubleshooting scenarios:

Could not connect to URL

If you receive the above error message when you test your integration:

  • Check your base URL.

It should be in the following format:


  • If you are behind a firewall, review the initial setup of the connection - allowlist IPs, public DNS, certificate signed by a public CA.

Authorization denied

If you were unable to authenticate the connection, check your credentials and personal access scopes, then try again.

Connection tests successfully, but I can not see all my projects and repositories

If you do not see all the projects or repos you expect, double check your permissions at the organization and project level. If you are not a Project Collection Administrator you need to be added to each project you want to add to your Flow account.

back to top

If you need help, please email Support (opens email form) for 24/7 assistance.