How does Backrightup backup data from Azure Devops

Backrightup uses a very secure and safe oAuth App to pull data from your Azure Devops tenant. This is the best practice set by Microsoft themselves. As you can see from the diagram below, the authentication tokens expire every 1 hour.

When you onboard, you give us your organisation name, and then we request permissions to access the data from you using the same permissions you have as the user currently logged into Azure Devops (eg. If that user has no rights, the app will receive no rights for access - so make sure it is a Project Collection Administrator. It is also best to use a dedicated service account eg. backrightup@your-company.com). The permissions screen looks a little like this:

Once you accept, the app will attempt to pull in and backup the data using the authenticated application.

How to revoke/remove the Backrightup App from Azure Devops

You may want to remove the authorization you previously created.

You can do this by doing the following steps:

1) Login to Azure devops and navigate to https://aex.dev.azure.com/me. You should see your authorizations at the bottom of the page

2) Click on "Manage authorizations"

3) Click on the "Revoke" link for backrightup

Updated on: 18/05/2023