Here are the most common questions about our Productboard <> Azure DevOps integration.
In this article:
- How do I know if my organization is using Azure DevOps Services (Cloud) or Azure DevOps Server (On-premise)?
- Can I connect Productboard to multiple Azure DevOps projects?
- Can I integrate multiple Azure DevOps instances into Productboard?
- Can I change the name of my Azure DevOps column?
- Can I see a history of who pushed features into my Azure DevOps account and when they did it?
- Can I change the color of my Azure DevOps states?
- How do you secure the integration between Productboard and Azure DevOps?
- How are permissions managed in the Productboard <> Azure DevOps integration?
- How does the Productboard <> Azure DevOps integration affect my Azure DevOps instance and data?
- How do I prevent sensitive information from passing from Azure DevOps to Productboard?
- How do you secure a webhook subscription to my Azure DevOps instance?
- What is the difference between how Productboard handles cloud and on-premise versions of Azure DevOps?
General FAQs
How do I know if my organization is using Azure DevOps Services (Cloud) or Azure DevOps Server (On-premise)?
You can refer to Microsoft documentation to find out if you're using Azure DevOps Services (Cloud) or Azure DevOps Server (on-premise).
Can I connect Productboard to multiple Azure DevOps projects?
Yes! Once you've connected your Azure DevOps workspace, you will be able to push features to any project in that workspace. Each time you push a feature to Azure DevOps, you have the option to select the appropriate Azure DevOps project:
Can I integrate multiple Azure DevOps instances into Productboard?
Yes, this feature is available to customers on a Productboard Pro+ plan. You can add additional Azure DevOps instances to the same Productboard instance via Settings > Integrations. Simply select the + again:
Can I change the name of my Azure DevOps column?
Yes! Note that this will not change what the integration is called on your Settings page, though you can change the name there too to reflect the same one.
- Click the name of your integration.
- Edit the name as you wish.
- Click out of the name field to save automatically.
Can I see a history of who pushed features into my Azure DevOps account and when they did it?
Yes! After pushing a feature or subfeature into Azure DevOps, that work item's History screen will display who pushed a feature into Azure DevOps, when they did so, and what token they used:
Can I change the color of my Azure DevOps states?
Productboard will automatically sync with the colors used in your Azure DevOps account. If you wish to change your status colors in Azure DevOps, see this Azure DevOps documentation.
Security FAQs
How do you secure the integration between Productboard and Azure DevOps?
We rely on an SSL (Secure HTTPS) connection when interacting with any type of Azure server, whether it's cloud-based or on-premise.
How are permissions managed in the Productboard <> Azure DevOps integration?
The integration is authorized via a "Personal Access Token" belonging to a specific user in an Azure DevOps instance. The permissions granted to the Productboard integration depend on two factors:
- What are the permissions granted in Azure DevOps to the person configuring the integration?
- What permissions were granted by that person when creating their Personal Access Token?
By changing the permissions of the designated user within your Azure DevOps account, or by adjusting the permissions granted to the Personal Access Token, you can manage the access of the integration.
How does the Productboard <> Azure DevOps integration affect my Azure DevOps instance and data?
Our integration can perform these actions in your Azure DevOps account:
- create new Work Items
- update the Hyperlinks section of Work items (when you link an existing PB feature)
- create Work Item comments
The integration never attempts to delete a Work Item. The Azure DevOps integration does not overwrite existing data, except data created by the integration itself (e.g. updating a hyperlink).
How do I prevent sensitive information from passing from Azure DevOps to Productboard?
Users can limit Productboard's access to sensitive information from within their Azure DevOps instance. Access can be restricted in two ways:
- Limit the access of the Azure DevOps user who authorized the Productboard integration
- Limit the permissions of the Personal Access Token used to authenticate the integration.
How do you secure a webhook subscription to my Azure DevOps instance?
To prevent the injection of invalid data by an attacker, Webhook subscriptions are configured to sign each request using HMAC. If the HMAC signature does not match the expected one, we will ignore the request.
Our webhook subscription will only send us raw IDs of work items in your Azure DevOps account. If the work item ID is linked to a Productboard feature, we will request full details from Azure DevOps. If a work item ID is not linked to a Productboard feature, no request will be made, and the full details of that work item (e.g. title, description, etc) will never be sent out of your Azure DevOps instance.
What is the difference between how Productboard handles cloud and on-premise versions of Azure DevOps?
Our integration communicates with on-premise instances of Azure DevOps exactly the same way as it does with cloud-based versions. The only difference is that customers using on-premise versions will need to whitelist our IP addresses and one port. Instructions for doing so can be seen here.