API Azure DevOps Conditional Access

Demo: Conditional Access Automation with Azure DevOps and Node.JS

I recently wrote about testing Github tools for Conditional Access automation. I felt I would also need to test similar options with Azure DevOps. Since I’ve worked bit more with Azure DevOps; Turns out this integration is bit easier for me to do in Azure DevOps.


  • Node.JS ”CA-Manager” this is the part that different pipelines invoke for operations on CA and GIT
  • Azure Pipelines are used to control the Node.JS ”CA-Manager”


  • Admin changes the CA-Policy via modifying the shadow policy
  • Azure DevOps Pipeline ”Shadow Policies” picks up the change (timer trigger, but triggered manually in the demo to avoid delay)
  • Azure Devops submits Pull request from the pipeline itself bash: node pr.js $(System.AccessToken) $(System.CollectionUri) $(Build.SourceBranch) $(Build.Repository.ID)
Simple use case for API
  • Admin receives the pull request notification and views the changes in the commit
  • Admin approves the pull request and completes the merge
  • Merging of the pull request kicks off the CA Update pipeline
  • After the pipeline completes the changes are now in prod
  • Admin reviews the changes from Conditional Access policies

0 comments on “Demo: Conditional Access Automation with Azure DevOps and Node.JS


Täytä tietosi alle tai klikkaa kuvaketta kirjautuaksesi sisään:


Olet kommentoimassa WordPress.com -tilin nimissä. Log Out /  Muuta )


Olet kommentoimassa Twitter -tilin nimissä. Log Out /  Muuta )


Olet kommentoimassa Facebook -tilin nimissä. Log Out /  Muuta )

Muodostetaan yhteyttä palveluun %s

%d bloggaajaa tykkää tästä: