azure azure-devops command-line-interface devops

Assign an specific user to many projects with Azure DEVOPS CLI

I'm newbbie on Azure DEVOPS CLI, and I need assign an specific user to all projects in my organization using AZURE DEVOPS CLI. The total of projects of the organization it´s about 25 projects.

Greetings.

Solution

To add a user to all projects in your organization using Azure DevOps CLI, you can refer to the followings.

Prerequisites

Ensure the user has been added into your organization. If not, you can add the user from UI or using DevOps CLI az devops user add.
You must be a member of the Project Collection Administrators group.

Steps

Run az devops project list to get all the project id.
Run az devops security group list to get the descriptor of the target group to which you want to add the user.
Run az devops security group membership add to add the user to the target group.

Sample

The following PowerShell scripts add the user to the Readers group of all projects. Replace the value of userEmail, organization, AZURE_DEVOPS_EXT_PAT and displayName based on your requirement.

# Define user and organization details
$userEmail = "{The user email}"
$organization = "{Org name}"

# Define Personal Access Token (PAT) as environment variable for authentication
$env:AZURE_DEVOPS_EXT_PAT = '{PAT}'

# Get list of all projects in the organization
$projects = az devops project list --organization https://dev.azure.com/$organization | ConvertFrom-Json

# Loop through each project
foreach ($project in $projects.value) {
    $projectId = $project.id

    # Get the Readers group descriptor for the project
    $groupid = az devops security group list --organization https://dev.azure.com/$organization --project $projectId --query "graphGroups[?displayName=='Readers'].descriptor| [0]"

    # Add the user to the Readers group
    az devops security group membership add --group-id $groupid --member-id $userEmail --org https://dev.azure.com/$organization
}