Azure DevOps VS Code Extension
A VS Code extension that provides Azure DevOps integration with secure authentication and chat tools for managing projects and work items.
Disclaimer:
THIS IS A DEMO. YOU SHOULD NOT USE THIS.
USE AT YOUR OWN RISK - This extension is provided "as is" without warranty of any kind. Users assume all responsibility for any data loss, security issues, or other consequences that may result from using this extension.
INTERNAL USE ONLY - This extension is intended for internal organizational use only and should not be distributed or used outside of your organization without proper review and authorization.
NOT AFFILIATED WITH MICROSOFT - This extension is an independent project and is not affiliated with, endorsed by, or supported by Microsoft Corporation. Microsoft, Azure DevOps, Visual Studio Code, and related trademarks are property of Microsoft Corporation.
NO SUPPORT OR WARRANTIES - This software is provided without any express or implied warranties, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. The authors and contributors are not responsible for any damages or issues arising from the use of this extension.
SECURITY NOTICE - While this extension implements security best practices, users should review the code and ensure it meets their organization's security requirements before use in production environments.
Features
🔐 Secure Authentication
- Microsoft Authentication Library (MSAL) integration for secure Azure DevOps authentication
- Uses VS Code's secure secret storage for token management
- Supports the same authentication flow as other Microsoft VS Code extensions
- Device code flow for secure authentication without embedded browser
- Azure DevOps Login: Authenticate with Azure DevOps from the chat interface
- List Projects: Get all projects in your organization
- Work Items: View and create work items (bugs, tasks, user stories, etc.)
⚙️ Commands
Azure DevOps: Set Organization
- Configure your Azure DevOps organization URL
Azure DevOps: Sign In
- Authenticate with Azure DevOps
Azure DevOps: Sign Out
- Sign out and clear stored credentials
Azure DevOps: Test Connection
- Test your connection to Azure DevOps
Azure DevOps: Show Status
- View current authentication and connection status
Azure DevOps: Toggle Readonly Mode
- Enable/disable readonly mode to prevent write operations
🔒 Readonly Mode
The extension includes a readonly mode feature that provides a safe way to browse Azure DevOps data without risking accidental modifications.
When readonly mode is enabled:
- All write operations are blocked (create, update, delete work items and comments)
- View and read operations continue to work normally
- Clear warnings are shown when attempting write operations
- The status is displayed in the "Azure DevOps: Show Status" command
Usage:
- Use
Azure DevOps: Toggle Readonly Mode
command to enable/disable
- Configure the default setting in VS Code settings:
azureDevOpsTools.readonly
- Perfect for demo environments, production troubleshooting, or when you want to explore data safely
Protected Operations:
- Creating work items (individual, batch, tree structures)
- Updating work items
- Deleting work items
- Adding, updating, or deleting work item comments
- Reverting work items to previous revisions
Getting Started
1. Install the Extension
Install the extension from the VSIX file or VS Code marketplace.
- Open the Command Palette (
Ctrl+Shift+P
or Cmd+Shift+P
)
- Run
Azure DevOps: Set Organization
- Enter your Azure DevOps organization URL:
https://dev.azure.com/yourorganization
- or
https://yourorganization.visualstudio.com
3. Sign In
- Run
Azure DevOps: Sign In
from the Command Palette
- Follow the device code authentication flow:
- A notification will show with a URL and code
- Click "Open Browser" to open the authentication page
- Enter the provided code and complete the sign-in process
Once authenticated, you can use the Azure DevOps tools in VS Code Chat:
@workspace #azure-devops_login
@workspace #azure-devops_projects
@workspace #azure-devops_workitems projectName:"MyProject"
@workspace #azure-devops_create-workitem projectName:"MyProject" workItemType:"Task" title:"New task"
Security Features
Token Management
- Tokens are stored securely using VS Code's
SecretStorage
API
- Automatic token refresh when expired
- Secure token cleanup on sign-out
Authentication Flow
- Uses Microsoft's recommended device code flow for desktop applications
- Same authentication mechanism as other Microsoft VS Code extensions
- No embedded browsers or insecure token handling
API Security
- Proper base64 encoding of tokens for Azure DevOps API
- HTTPS-only communication
- Follows Azure DevOps REST API security best practices
Installation
code --install-extension adzo-tools-0.1.0.vsix
Authentication Details
This extension uses the same authentication approach as other Microsoft VS Code extensions:
- Client ID:
872cd9fa-d31f-45e0-9eab-6e460a02d1f1
(Visual Studio client ID)
- Scope:
499b84ac-1321-427f-aa17-267ca6975798/.default
(Azure DevOps scope)
- Flow: Device Code Flow for secure desktop authentication
- Token Storage: VS Code SecretStorage API
Troubleshooting
If Copilot says it cannot execute Azure DevOps tools like #azure-devops_create-workitem
:
Check Extension Installation: Ensure the extension is properly installed and activated
code --install-extension basic-mcp-extension-0.1.0.vsix
Reload VS Code: After installation, reload the window
- Press
Ctrl+Shift+P
(or Cmd+Shift+P
)
- Run
Developer: Reload Window
Check Authentication: Make sure you're signed in
@workspace #azure-devops_login
Verify Organization: Ensure your organization URL is set
- Run
Azure DevOps: Show Status
from Command Palette
- Or set it with
Azure DevOps: Set Organization
Test Basic Connectivity: Try simpler tools first
@workspace #azure-devops_projects
Authentication Issues
- Run
Azure DevOps: Show Status
to check your authentication status
- Try
Azure DevOps: Sign Out
and sign in again
- Ensure your organization URL is correct
Connection Issues
- Run
Azure DevOps: Test Connection
to verify connectivity
- Check that you have access to the Azure DevOps organization
- Verify your network connection and proxy settings