How to: List all users and group permissions on Azure DevOps using Azure DevOps CLI

Vinicius Moura
Oct 20, 2020

This script list all users on Azure DevOps organization and which groups they belong to

An original script is available on my GitHub repository. See bellow this script:

Let’s go understand each used command.

  1. PowerShell script will receive the following parameters:
  • $PAT = Personal Access token to connect on Azure DevOps;
  • $Organization = Organization URL to list all users and permissions.

2. az devops user list = use this command to list all users on Azure DevOps organization.

az devops user list 
[--detect {false, true}]
[--org]
[--skip]
[--top]
$allUsers = az devops user list --org $Organization | ConvertFrom-Jsonforeach($au in $allUsers.members)
{
Write-Host $au.user.principalName
}

3. az devops security group membership list = use this command to list all groups that based user is contained in.

az devops security group membership list --id
[--detect {false, true}]
[--org]
[--relationship {memberof, members}]
$activeUserGroups = az devops security group membership list --id $au.user.principalName --org $Organization --relationship memberof | ConvertFrom-Json

4. After executing the script on PowerShell, will be generated a JSON file that lists all users and your respective groups.

5. After creating JSON, I connected it on Power BI, as shown bellow:

  • Groups Filter (1): filter a respective group to list users;
  • User Name (2): list a specific user;
  • Group Name (3): list group names;
  • Principal Name (4): list respective users.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Vinicius Moura
Vinicius Moura

Written by Vinicius Moura

Tech Solution Architect Manager na Accenture

Responses (2)

What are your thoughts?