Azure DevOps Server (ADO Server) setup

Tags: Flow

This is a step-by-step guide to connect your Azure DevOps Server (ADO Server) account to Flow.

Data about ADO Server work items appear in Work log, but not in other ticket-based reports.

Note: Azure DevOps Server was previously known as Team Foundation Server (TFS).

For a successful connection:

  • Allowlist Flow's static IP addresses on port 443 over HTTPS.
  • Have an SSL certificate that uses a public certificate authority.
  • Have a public DNS record pointing to the IP address exposed for Flow analysis.

Who can use this?



If PRs have not been updated, deleted, abandoned, or created within the six months prior to the initial integration processing date, the PR will not be ingested into Flow and will not appear in reports.

Important: Use a service account to create this integration. Learn more about creating a service account.

Permission requirements

To use all integration services such as repos, pull requests, tickets, and webhooks, ensure the following:

  • Review the personal access token scopes outlined below.
  • The service account is a Project Collection Administrator at the organizational level.

To enable webhooks, the service account needs to be a Project Collection Administrator and have at least one repository imported from a project.

If you don't need webhooks, allow the View instance-level information permission to establish a connection and import repos. Add your service account to each project you want to import into Flow.

back to top

Azure DevOps Server Version requirements

To integrate with Flow, your Azure DevOps Server or TFS version must be 2018 or higher.

back to top

Azure DevOps Server configuration

To connect your Azure DevOps Server account, create a new integration.

To create an integration:

  1. Click Settings in the top navigation.
  2. In the left navigation under Integrations, click Integrations.
  3. Click the Add Integration button in the top right corner of the Integrations page.
  4. Select TFS from the Integration Provider list. Do not select Azure DevOps.
  5. Input your email, password, personal access token, and base URL of the service account. The base URL looks like: https://{your_ADO Server_domain}/{yourorganization}

back to top

Creating a personal access token

Create a personal access token in Azure DevOps Server (external site, opens in new tab).

  1. Fill in the following information for your new personal access token:
    • Description
    • Expiration date
    • Select the following minimum scopes to connect your account:
      • Code (read)
      • Code (search)
      • Identity (read)
      • Project and team (read)
      • Service Endpoints (read and query)
      • User profile (read)
      • Work items search (read)
      • Work items (read)
  2. Click Create.

back to top

Finishing up

Now that you've created a personal access token, you can complete your integration setup in Flow.

  1. Copy your access token and paste it into Flow's Personal Access Token field.
  2. Click Test connection.
  3. If the connection was successful, you'll see a success message. If the connection was not successful, verify that your credentials and access token are correct, then try again.
  4. Once you've successfully connected to your Azure DevOps Server account, click Next.
  5. Select the services you want turned on for this Integration by toggling them on or off. If you want to import pull request and ticket data in addition to repo data, leave all services on. You can turn services on and off at any time. Click Next.
  6. Enter the name you want to give your Azure DevOps Server integration. Click Create. 

You have successfully created a new Azure DevOps Server integration.

back to top


If you can't get your integration set up, try these troubleshooting options:

Could not connect to URL

If you receive a Could not connect error message when you test your integration:

  • Check that your base URL is correct. It should be in the following format:
  • If you're behind a firewall, review the initial setup of the connection—allowlist IPs, have a public DNS, have a certificate signed by a public CA.

Authorization denied

If you receive an Authorization denied error, check your credentials and personal access scopes, then try again.

Connection tests successfully, but I can't see all my projects and repositories

If you don't see all the projects or repos you expect, double check your permissions at the organization and project level. If you aren't a Project Collection Administrator you need to be added to each project you want to add to your Flow account.

back to top

If you need help, please contact Pluralsight Support.