StackHawk Documentation StackHawk Logo HawkDocs
integrations
workflows
microsoft
azure devops repos

No results found

Try different keywords or check your spelling

Search documentation

Find guides, API references, and more

esc

Azure Repos

Azure Repos

StackHawk’s official Azure Repos integration.

Overview

The Azure Repos integration connects your repositories to StackHawk’s API Discovery feature. Once connected, StackHawk analyzes your codebase to identify APIs and web applications, giving you visibility into your attack surface.

Features

  • Identify testable APIs and web applications across your Azure Repos repositories
  • View repository insights including detected frameworks and commit activity
  • Create StackHawk applications directly from discovered repositories
  • Connect repositories to existing StackHawk applications

Requirements

StackHawk

  • A StackHawk account on the Enterprise plan

Azure Repos

  • Login access to the Azure Repos workspace you want to connect
  • Read permissions to repositories in your workspace
  • Ability to create a Personal Access Token (PAT) with repository read access

Permissions

The Azure DevOps Personal Access Token requires the following scope:

  • Code -> Read for the connected Azure Repos workspace

Set a token expiration that meets your organization’s security requirements. Azure DevOps allows tokens with up to 1 year expiration.

Installation

  1. Log into StackHawk and go to the Azure Repos Integration page.
  2. Click Connect Azure Repos.
  3. Enter your Azure DevOps organization name and Personal Access Token.
  4. The connection modal verifies your credentials and completes the setup.

Usage

Configuration

Configure Azure Repos on the Attack Surface screen. From there you can view discovered repositories and map them to StackHawk applications.

Connecting Multiple Organizations

To connect additional Azure DevOps organizations, click Connect Azure Repos on the integration page. Each connected organization appears in the list below.

Updating Personal Access Token

Azure DevOps Personal Access Tokens expire after 30 days by default (extendable to 1 year during creation). To update an expired token:

  1. Go to the Azure Repos Integration page.
  2. Click Manage for the organization.
  3. Click Update and enter the new token.

Removing the Integration

  1. Go to the Azure Repos Integration page.
  2. Click Manage for the organization you want to remove.
  3. Click Disconnect, then confirm by clicking Yes, Disconnect.

Troubleshooting

Repositories Not Showing in Attack Surface

Repository discovery can take several minutes for organizations with many repositories. A loading indicator displays on the Attack Surface screen while repositories are being processed.

Feedback

Have suggestions or feedback? Contact StackHawk Support.

Your privacy settings

We use first and third party cookies to ensure that we give you the best experience on our website and in our products.

Privacy Policy