azuredevops.getSecurityNamespaceToken

Azure DevOps v3.14.0, Mar 24 26

Viewing docs for Azure DevOps v3.14.0
published on Tuesday, Mar 24, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-azuredevops

Viewing docs for Azure DevOps v3.14.0
published on Tuesday, Mar 24, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-azuredevops

Example Usage

Discovering Required Identifiers for a Namespace

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const gitInfo = azuredevops.getSecurityNamespaceToken({
    namespaceName: "Git Repositories",
    returnIdentifierInfo: true,
});
export const gitRequiredIdentifiers = gitInfo.then(gitInfo => gitInfo.requiredIdentifiers);
export const gitOptionalIdentifiers = gitInfo.then(gitInfo => gitInfo.optionalIdentifiers);

import pulumi
import pulumi_azuredevops as azuredevops

git_info = azuredevops.get_security_namespace_token(namespace_name="Git Repositories",
    return_identifier_info=True)
pulumi.export("gitRequiredIdentifiers", git_info.required_identifiers)
pulumi.export("gitOptionalIdentifiers", git_info.optional_identifiers)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		gitInfo, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceName:        pulumi.StringRef("Git Repositories"),
			ReturnIdentifierInfo: pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("gitRequiredIdentifiers", gitInfo.RequiredIdentifiers)
		ctx.Export("gitOptionalIdentifiers", gitInfo.OptionalIdentifiers)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var gitInfo = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceName = "Git Repositories",
        ReturnIdentifierInfo = true,
    });

    return new Dictionary<string, object?>
    {
        ["gitRequiredIdentifiers"] = gitInfo.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.RequiredIdentifiers),
        ["gitOptionalIdentifiers"] = gitInfo.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.OptionalIdentifiers),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var gitInfo = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceName("Git Repositories")
            .returnIdentifierInfo(true)
            .build());

        ctx.export("gitRequiredIdentifiers", gitInfo.requiredIdentifiers());
        ctx.export("gitOptionalIdentifiers", gitInfo.optionalIdentifiers());
    }
}

variables:
  gitInfo:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceName: Git Repositories
        returnIdentifierInfo: true
outputs:
  gitRequiredIdentifiers: ${gitInfo.requiredIdentifiers}
  gitOptionalIdentifiers: ${gitInfo.optionalIdentifiers}

Collection-level Token

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const collection = azuredevops.getSecurityNamespaceToken({
    namespaceName: "Collection",
});
export const collectionToken = collection.then(collection => collection.token);

import pulumi
import pulumi_azuredevops as azuredevops

collection = azuredevops.get_security_namespace_token(namespace_name="Collection")
pulumi.export("collectionToken", collection.token)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		collection, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceName: pulumi.StringRef("Collection"),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("collectionToken", collection.Token)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var collection = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceName = "Collection",
    });

    return new Dictionary<string, object?>
    {
        ["collectionToken"] = collection.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.Token),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var collection = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceName("Collection")
            .build());

        ctx.export("collectionToken", collection.token());
    }
}

variables:
  collection:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceName: Collection
outputs:
  collectionToken: ${collection.token}

Project-level Token

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const example = azuredevops.getProject({
    name: "Example Project",
});
const project = example.then(example => azuredevops.getSecurityNamespaceToken({
    namespaceName: "Project",
    identifiers: {
        project_id: example.id,
    },
}));
export const projectToken = project.then(project => project.token);

import pulumi
import pulumi_azuredevops as azuredevops

example = azuredevops.get_project(name="Example Project")
project = azuredevops.get_security_namespace_token(namespace_name="Project",
    identifiers={
        "project_id": example.id,
    })
pulumi.export("projectToken", project.token)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := azuredevops.LookupProject(ctx, &azuredevops.LookupProjectArgs{
			Name: pulumi.StringRef("Example Project"),
		}, nil)
		if err != nil {
			return err
		}
		project, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceName: pulumi.StringRef("Project"),
			Identifiers: pulumi.StringMap{
				"project_id": example.Id,
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("projectToken", project.Token)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var example = AzureDevOps.GetProject.Invoke(new()
    {
        Name = "Example Project",
    });

    var project = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceName = "Project",
        Identifiers = 
        {
            { "project_id", example.Apply(getProjectResult => getProjectResult.Id) },
        },
    });

    return new Dictionary<string, object?>
    {
        ["projectToken"] = project.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.Token),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetProjectArgs;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = AzuredevopsFunctions.getProject(GetProjectArgs.builder()
            .name("Example Project")
            .build());

        final var project = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceName("Project")
            .identifiers(Map.of("project_id", example.id()))
            .build());

        ctx.export("projectToken", project.token());
    }
}

variables:
  example:
    fn::invoke:
      function: azuredevops:getProject
      arguments:
        name: Example Project
  project:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceName: Project
        identifiers:
          project_id: ${example.id}
outputs:
  projectToken: ${project.token}

Git Repository Token

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const example = azuredevops.getProject({
    name: "Example Project",
});
const exampleGetGitRepository = example.then(example => azuredevops.getGitRepository({
    projectId: example.id,
    name: "Example Repository",
}));
const gitRepo = Promise.all([example, exampleGetGitRepository]).then(([example, exampleGetGitRepository]) => azuredevops.getSecurityNamespaceToken({
    namespaceName: "Git Repositories",
    identifiers: {
        project_id: example.id,
        repository_id: exampleGetGitRepository.id,
    },
}));
export const gitRepoToken = gitRepo.then(gitRepo => gitRepo.token);

import pulumi
import pulumi_azuredevops as azuredevops

example = azuredevops.get_project(name="Example Project")
example_get_git_repository = azuredevops.get_git_repository(project_id=example.id,
    name="Example Repository")
git_repo = azuredevops.get_security_namespace_token(namespace_name="Git Repositories",
    identifiers={
        "project_id": example.id,
        "repository_id": example_get_git_repository.id,
    })
pulumi.export("gitRepoToken", git_repo.token)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := azuredevops.LookupProject(ctx, &azuredevops.LookupProjectArgs{
			Name: pulumi.StringRef("Example Project"),
		}, nil)
		if err != nil {
			return err
		}
		exampleGetGitRepository, err := azuredevops.GetGitRepository(ctx, &azuredevops.GetGitRepositoryArgs{
			ProjectId: example.Id,
			Name:      "Example Repository",
		}, nil)
		if err != nil {
			return err
		}
		gitRepo, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceName: pulumi.StringRef("Git Repositories"),
			Identifiers: pulumi.StringMap{
				"project_id":    example.Id,
				"repository_id": exampleGetGitRepository.Id,
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("gitRepoToken", gitRepo.Token)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var example = AzureDevOps.GetProject.Invoke(new()
    {
        Name = "Example Project",
    });

    var exampleGetGitRepository = AzureDevOps.GetGitRepository.Invoke(new()
    {
        ProjectId = example.Apply(getProjectResult => getProjectResult.Id),
        Name = "Example Repository",
    });

    var gitRepo = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceName = "Git Repositories",
        Identifiers = 
        {
            { "project_id", example.Apply(getProjectResult => getProjectResult.Id) },
            { "repository_id", exampleGetGitRepository.Apply(getGitRepositoryResult => getGitRepositoryResult.Id) },
        },
    });

    return new Dictionary<string, object?>
    {
        ["gitRepoToken"] = gitRepo.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.Token),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetProjectArgs;
import com.pulumi.azuredevops.inputs.GetGitRepositoryArgs;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = AzuredevopsFunctions.getProject(GetProjectArgs.builder()
            .name("Example Project")
            .build());

        final var exampleGetGitRepository = AzuredevopsFunctions.getGitRepository(GetGitRepositoryArgs.builder()
            .projectId(example.id())
            .name("Example Repository")
            .build());

        final var gitRepo = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceName("Git Repositories")
            .identifiers(Map.ofEntries(
                Map.entry("project_id", example.id()),
                Map.entry("repository_id", exampleGetGitRepository.id())
            ))
            .build());

        ctx.export("gitRepoToken", gitRepo.token());
    }
}

variables:
  example:
    fn::invoke:
      function: azuredevops:getProject
      arguments:
        name: Example Project
  exampleGetGitRepository:
    fn::invoke:
      function: azuredevops:getGitRepository
      arguments:
        projectId: ${example.id}
        name: Example Repository
  gitRepo:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceName: Git Repositories
        identifiers:
          project_id: ${example.id}
          repository_id: ${exampleGetGitRepository.id}
outputs:
  gitRepoToken: ${gitRepo.token}

Git Repository Branch Token

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const example = azuredevops.getProject({
    name: "Example Project",
});
const exampleGetGitRepository = example.then(example => azuredevops.getGitRepository({
    projectId: example.id,
    name: "Example Repository",
}));
const gitBranch = Promise.all([example, exampleGetGitRepository]).then(([example, exampleGetGitRepository]) => azuredevops.getSecurityNamespaceToken({
    namespaceName: "Git Repositories",
    identifiers: {
        project_id: example.id,
        repository_id: exampleGetGitRepository.id,
        ref_name: "refs/heads/main",
    },
}));
export const gitBranchToken = gitBranch.then(gitBranch => gitBranch.token);

import pulumi
import pulumi_azuredevops as azuredevops

example = azuredevops.get_project(name="Example Project")
example_get_git_repository = azuredevops.get_git_repository(project_id=example.id,
    name="Example Repository")
git_branch = azuredevops.get_security_namespace_token(namespace_name="Git Repositories",
    identifiers={
        "project_id": example.id,
        "repository_id": example_get_git_repository.id,
        "ref_name": "refs/heads/main",
    })
pulumi.export("gitBranchToken", git_branch.token)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := azuredevops.LookupProject(ctx, &azuredevops.LookupProjectArgs{
			Name: pulumi.StringRef("Example Project"),
		}, nil)
		if err != nil {
			return err
		}
		exampleGetGitRepository, err := azuredevops.GetGitRepository(ctx, &azuredevops.GetGitRepositoryArgs{
			ProjectId: example.Id,
			Name:      "Example Repository",
		}, nil)
		if err != nil {
			return err
		}
		gitBranch, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceName: pulumi.StringRef("Git Repositories"),
			Identifiers: pulumi.StringMap{
				"project_id":    example.Id,
				"repository_id": exampleGetGitRepository.Id,
				"ref_name":      "refs/heads/main",
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("gitBranchToken", gitBranch.Token)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var example = AzureDevOps.GetProject.Invoke(new()
    {
        Name = "Example Project",
    });

    var exampleGetGitRepository = AzureDevOps.GetGitRepository.Invoke(new()
    {
        ProjectId = example.Apply(getProjectResult => getProjectResult.Id),
        Name = "Example Repository",
    });

    var gitBranch = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceName = "Git Repositories",
        Identifiers = 
        {
            { "project_id", example.Apply(getProjectResult => getProjectResult.Id) },
            { "repository_id", exampleGetGitRepository.Apply(getGitRepositoryResult => getGitRepositoryResult.Id) },
            { "ref_name", "refs/heads/main" },
        },
    });

    return new Dictionary<string, object?>
    {
        ["gitBranchToken"] = gitBranch.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.Token),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetProjectArgs;
import com.pulumi.azuredevops.inputs.GetGitRepositoryArgs;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = AzuredevopsFunctions.getProject(GetProjectArgs.builder()
            .name("Example Project")
            .build());

        final var exampleGetGitRepository = AzuredevopsFunctions.getGitRepository(GetGitRepositoryArgs.builder()
            .projectId(example.id())
            .name("Example Repository")
            .build());

        final var gitBranch = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceName("Git Repositories")
            .identifiers(Map.ofEntries(
                Map.entry("project_id", example.id()),
                Map.entry("repository_id", exampleGetGitRepository.id()),
                Map.entry("ref_name", "refs/heads/main")
            ))
            .build());

        ctx.export("gitBranchToken", gitBranch.token());
    }
}

variables:
  example:
    fn::invoke:
      function: azuredevops:getProject
      arguments:
        name: Example Project
  exampleGetGitRepository:
    fn::invoke:
      function: azuredevops:getGitRepository
      arguments:
        projectId: ${example.id}
        name: Example Repository
  gitBranch:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceName: Git Repositories
        identifiers:
          project_id: ${example.id}
          repository_id: ${exampleGetGitRepository.id}
          ref_name: refs/heads/main
outputs:
  gitBranchToken: ${gitBranch.token}

Build Definition Token

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const example = azuredevops.getProject({
    name: "Example Project",
});
const exampleGetBuildDefinition = example.then(example => azuredevops.getBuildDefinition({
    projectId: example.id,
    name: "Example Build Pipeline",
}));
const buildDef = Promise.all([example, exampleGetBuildDefinition]).then(([example, exampleGetBuildDefinition]) => azuredevops.getSecurityNamespaceToken({
    namespaceName: "Build",
    identifiers: {
        project_id: example.id,
        definition_id: exampleGetBuildDefinition.id,
    },
}));
export const buildDefToken = buildDef.then(buildDef => buildDef.token);

import pulumi
import pulumi_azuredevops as azuredevops

example = azuredevops.get_project(name="Example Project")
example_get_build_definition = azuredevops.get_build_definition(project_id=example.id,
    name="Example Build Pipeline")
build_def = azuredevops.get_security_namespace_token(namespace_name="Build",
    identifiers={
        "project_id": example.id,
        "definition_id": example_get_build_definition.id,
    })
pulumi.export("buildDefToken", build_def.token)

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := azuredevops.LookupProject(ctx, &azuredevops.LookupProjectArgs{
			Name: pulumi.StringRef("Example Project"),
		}, nil)
		if err != nil {
			return err
		}
		exampleGetBuildDefinition, err := azuredevops.LookupBuildDefinition(ctx, &azuredevops.LookupBuildDefinitionArgs{
			ProjectId: example.Id,
			Name:      "Example Build Pipeline",
		}, nil)
		if err != nil {
			return err
		}
		buildDef, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceName: pulumi.StringRef("Build"),
			Identifiers: pulumi.StringMap{
				"project_id":    example.Id,
				"definition_id": exampleGetBuildDefinition.Id,
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("buildDefToken", buildDef.Token)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var example = AzureDevOps.GetProject.Invoke(new()
    {
        Name = "Example Project",
    });

    var exampleGetBuildDefinition = AzureDevOps.GetBuildDefinition.Invoke(new()
    {
        ProjectId = example.Apply(getProjectResult => getProjectResult.Id),
        Name = "Example Build Pipeline",
    });

    var buildDef = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceName = "Build",
        Identifiers = 
        {
            { "project_id", example.Apply(getProjectResult => getProjectResult.Id) },
            { "definition_id", exampleGetBuildDefinition.Apply(getBuildDefinitionResult => getBuildDefinitionResult.Id) },
        },
    });

    return new Dictionary<string, object?>
    {
        ["buildDefToken"] = buildDef.Apply(getSecurityNamespaceTokenResult => getSecurityNamespaceTokenResult.Token),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetProjectArgs;
import com.pulumi.azuredevops.inputs.GetBuildDefinitionArgs;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = AzuredevopsFunctions.getProject(GetProjectArgs.builder()
            .name("Example Project")
            .build());

        final var exampleGetBuildDefinition = AzuredevopsFunctions.getBuildDefinition(GetBuildDefinitionArgs.builder()
            .projectId(example.id())
            .name("Example Build Pipeline")
            .build());

        final var buildDef = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceName("Build")
            .identifiers(Map.ofEntries(
                Map.entry("project_id", example.id()),
                Map.entry("definition_id", exampleGetBuildDefinition.id())
            ))
            .build());

        ctx.export("buildDefToken", buildDef.token());
    }
}

variables:
  example:
    fn::invoke:
      function: azuredevops:getProject
      arguments:
        name: Example Project
  exampleGetBuildDefinition:
    fn::invoke:
      function: azuredevops:getBuildDefinition
      arguments:
        projectId: ${example.id}
        name: Example Build Pipeline
  buildDef:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceName: Build
        identifiers:
          project_id: ${example.id}
          definition_id: ${exampleGetBuildDefinition.id}
outputs:
  buildDefToken: ${buildDef.token}

Using Namespace ID

import * as pulumi from "@pulumi/pulumi";
import * as azuredevops from "@pulumi/azuredevops";

const analytics = azuredevops.getSecurityNamespaceToken({
    namespaceId: "58450c49-b02d-465a-ab12-59ae512d6531",
    identifiers: {
        project_id: example.id,
    },
});

import pulumi
import pulumi_azuredevops as azuredevops

analytics = azuredevops.get_security_namespace_token(namespace_id="58450c49-b02d-465a-ab12-59ae512d6531",
    identifiers={
        "project_id": example["id"],
    })

package main

import (
	"github.com/pulumi/pulumi-azuredevops/sdk/v3/go/azuredevops"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := azuredevops.GetSecurityNamespaceToken(ctx, &azuredevops.GetSecurityNamespaceTokenArgs{
			NamespaceId: pulumi.StringRef("58450c49-b02d-465a-ab12-59ae512d6531"),
			Identifiers: pulumi.StringMap{
				"project_id": example.Id,
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureDevOps = Pulumi.AzureDevOps;

return await Deployment.RunAsync(() => 
{
    var analytics = AzureDevOps.GetSecurityNamespaceToken.Invoke(new()
    {
        NamespaceId = "58450c49-b02d-465a-ab12-59ae512d6531",
        Identifiers = 
        {
            { "project_id", example.Id },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azuredevops.AzuredevopsFunctions;
import com.pulumi.azuredevops.inputs.GetSecurityNamespaceTokenArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var analytics = AzuredevopsFunctions.getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs.builder()
            .namespaceId("58450c49-b02d-465a-ab12-59ae512d6531")
            .identifiers(Map.of("project_id", example.id()))
            .build());

    }
}

variables:
  analytics:
    fn::invoke:
      function: azuredevops:getSecurityNamespaceToken
      arguments:
        namespaceId: 58450c49-b02d-465a-ab12-59ae512d6531
        identifiers:
          project_id: ${example.id}

Relevant Links

Notes

Security tokens are namespace-specific string identifiers that represent resources within Azure DevOps
Tokens are used in conjunction with security permissions to control access to various resources
The format of the token varies depending on the namespace and the resource being targeted
For Git repositories, you can specify tokens at the repository level or branch level by providing the ref_name identifier
Branch reference names must follow the Git reference format (e.g., refs/heads/main, refs/tags/v1.0.0)

Using getSecurityNamespaceToken

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecurityNamespaceToken(args: GetSecurityNamespaceTokenArgs, opts?: InvokeOptions): Promise<GetSecurityNamespaceTokenResult>
function getSecurityNamespaceTokenOutput(args: GetSecurityNamespaceTokenOutputArgs, opts?: InvokeOptions): Output<GetSecurityNamespaceTokenResult>

def get_security_namespace_token(identifiers: Optional[Mapping[str, str]] = None,
                                 namespace_id: Optional[str] = None,
                                 namespace_name: Optional[str] = None,
                                 return_identifier_info: Optional[bool] = None,
                                 opts: Optional[InvokeOptions] = None) -> GetSecurityNamespaceTokenResult
def get_security_namespace_token_output(identifiers: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                                 namespace_id: Optional[pulumi.Input[str]] = None,
                                 namespace_name: Optional[pulumi.Input[str]] = None,
                                 return_identifier_info: Optional[pulumi.Input[bool]] = None,
                                 opts: Optional[InvokeOptions] = None) -> Output[GetSecurityNamespaceTokenResult]

func GetSecurityNamespaceToken(ctx *Context, args *GetSecurityNamespaceTokenArgs, opts ...InvokeOption) (*GetSecurityNamespaceTokenResult, error)
func GetSecurityNamespaceTokenOutput(ctx *Context, args *GetSecurityNamespaceTokenOutputArgs, opts ...InvokeOption) GetSecurityNamespaceTokenResultOutput

> Note: This function is named GetSecurityNamespaceToken in the Go SDK.

public static class GetSecurityNamespaceToken 
{
    public static Task<GetSecurityNamespaceTokenResult> InvokeAsync(GetSecurityNamespaceTokenArgs args, InvokeOptions? opts = null)
    public static Output<GetSecurityNamespaceTokenResult> Invoke(GetSecurityNamespaceTokenInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecurityNamespaceTokenResult> getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs args, InvokeOptions options)
public static Output<GetSecurityNamespaceTokenResult> getSecurityNamespaceToken(GetSecurityNamespaceTokenArgs args, InvokeOptions options)

fn::invoke:
  function: azuredevops:index/getSecurityNamespaceToken:getSecurityNamespaceToken
  arguments:
    # arguments dictionary

The following arguments are supported:

Identifiers Dictionary<string, string>

A map of identifiers required for token generation. The required identifiers depend on the namespace. Not used when return_identifier_info is true.

NamespaceId string

The ID of the security namespace. Conflicts with namespace_name.

NamespaceName string

The name of the security namespace. Conflicts with namespace_id. Common values include:

Collection - Organization/collection-level permissions
Project - Project-level permissions
Git Repositories - Git repository permissions
Analytics - Analytics permissions
AnalyticsViews - Analytics Views permissions
Process - Process permissions
AuditLog - Audit log permissions
BuildAdministration - Build administration permissions
Server - Server-level permissions
VersionControlPrivileges - Version control privileges

ReturnIdentifierInfo bool

When set to true, the data source will return the lists of required and optional identifiers for the namespace instead of generating a token. This is useful for discovering what identifiers are needed for a particular namespace. Default: false.

NOTE: One of either namespace_id or namespace_name must be specified.

Identifiers map[string]string

A map of identifiers required for token generation. The required identifiers depend on the namespace. Not used when return_identifier_info is true.

NamespaceId string

The ID of the security namespace. Conflicts with namespace_name.

NamespaceName string

The name of the security namespace. Conflicts with namespace_id. Common values include:

Collection - Organization/collection-level permissions
Project - Project-level permissions
Git Repositories - Git repository permissions
Analytics - Analytics permissions
AnalyticsViews - Analytics Views permissions
Process - Process permissions
AuditLog - Audit log permissions
BuildAdministration - Build administration permissions
Server - Server-level permissions
VersionControlPrivileges - Version control privileges

ReturnIdentifierInfo bool

NOTE: One of either namespace_id or namespace_name must be specified.

identifiers Map<String,String>

A map of identifiers required for token generation. The required identifiers depend on the namespace. Not used when return_identifier_info is true.

namespaceId String

The ID of the security namespace. Conflicts with namespace_name.

namespaceName String

The name of the security namespace. Conflicts with namespace_id. Common values include:

Collection - Organization/collection-level permissions
Project - Project-level permissions
Git Repositories - Git repository permissions
Analytics - Analytics permissions
AnalyticsViews - Analytics Views permissions
Process - Process permissions
AuditLog - Audit log permissions
BuildAdministration - Build administration permissions
Server - Server-level permissions
VersionControlPrivileges - Version control privileges

returnIdentifierInfo Boolean

NOTE: One of either namespace_id or namespace_name must be specified.

identifiers {[key: string]: string}

A map of identifiers required for token generation. The required identifiers depend on the namespace. Not used when return_identifier_info is true.

namespaceId string

The ID of the security namespace. Conflicts with namespace_name.

namespaceName string

The name of the security namespace. Conflicts with namespace_id. Common values include:

Collection - Organization/collection-level permissions
Project - Project-level permissions
Git Repositories - Git repository permissions
Analytics - Analytics permissions
AnalyticsViews - Analytics Views permissions
Process - Process permissions
AuditLog - Audit log permissions
BuildAdministration - Build administration permissions
Server - Server-level permissions
VersionControlPrivileges - Version control privileges

returnIdentifierInfo boolean

NOTE: One of either namespace_id or namespace_name must be specified.

identifiers Mapping[str, str]

A map of identifiers required for token generation. The required identifiers depend on the namespace. Not used when return_identifier_info is true.

namespace_id str

The ID of the security namespace. Conflicts with namespace_name.

namespace_name str

The name of the security namespace. Conflicts with namespace_id. Common values include:

Collection - Organization/collection-level permissions
Project - Project-level permissions
Git Repositories - Git repository permissions
Analytics - Analytics permissions
AnalyticsViews - Analytics Views permissions
Process - Process permissions
AuditLog - Audit log permissions
BuildAdministration - Build administration permissions
Server - Server-level permissions
VersionControlPrivileges - Version control privileges

return_identifier_info bool

NOTE: One of either namespace_id or namespace_name must be specified.

identifiers Map<String>

A map of identifiers required for token generation. The required identifiers depend on the namespace. Not used when return_identifier_info is true.

namespaceId String

The ID of the security namespace. Conflicts with namespace_name.

namespaceName String

The name of the security namespace. Conflicts with namespace_id. Common values include:

Collection - Organization/collection-level permissions
Project - Project-level permissions
Git Repositories - Git repository permissions
Analytics - Analytics permissions
AnalyticsViews - Analytics Views permissions
Process - Process permissions
AuditLog - Audit log permissions
BuildAdministration - Build administration permissions
Server - Server-level permissions
VersionControlPrivileges - Version control privileges

returnIdentifierInfo Boolean

NOTE: One of either namespace_id or namespace_name must be specified.

getSecurityNamespaceToken Result

The following output properties are available:

Id string: The provider-assigned unique ID for this managed resource.
OptionalIdentifiers List<string>: A list of optional identifier names for this namespace. Only populated when return_identifier_info is true.
RequiredIdentifiers List<string>: A list of required identifier names for this namespace. Only populated when return_identifier_info is true.
Token string: The generated security token for the namespace. This token can be used with the azuredevops.SecurityPermissions resource. Only populated when return_identifier_info is false.
Identifiers Dictionary<string, string>
NamespaceId string
NamespaceName string
ReturnIdentifierInfo bool

Id string: The provider-assigned unique ID for this managed resource.
OptionalIdentifiers []string: A list of optional identifier names for this namespace. Only populated when return_identifier_info is true.
RequiredIdentifiers []string: A list of required identifier names for this namespace. Only populated when return_identifier_info is true.
Token string: The generated security token for the namespace. This token can be used with the azuredevops.SecurityPermissions resource. Only populated when return_identifier_info is false.
Identifiers map[string]string
NamespaceId string
NamespaceName string
ReturnIdentifierInfo bool

id String: The provider-assigned unique ID for this managed resource.
optionalIdentifiers List<String>: A list of optional identifier names for this namespace. Only populated when return_identifier_info is true.
requiredIdentifiers List<String>: A list of required identifier names for this namespace. Only populated when return_identifier_info is true.
token String: The generated security token for the namespace. This token can be used with the azuredevops.SecurityPermissions resource. Only populated when return_identifier_info is false.
identifiers Map<String,String>
namespaceId String
namespaceName String
returnIdentifierInfo Boolean

id string: The provider-assigned unique ID for this managed resource.
optionalIdentifiers string[]: A list of optional identifier names for this namespace. Only populated when return_identifier_info is true.
requiredIdentifiers string[]: A list of required identifier names for this namespace. Only populated when return_identifier_info is true.
token string: The generated security token for the namespace. This token can be used with the azuredevops.SecurityPermissions resource. Only populated when return_identifier_info is false.
identifiers {[key: string]: string}
namespaceId string
namespaceName string
returnIdentifierInfo boolean

id str: The provider-assigned unique ID for this managed resource.
optional_identifiers Sequence[str]: A list of optional identifier names for this namespace. Only populated when return_identifier_info is true.
required_identifiers Sequence[str]: A list of required identifier names for this namespace. Only populated when return_identifier_info is true.
token str: The generated security token for the namespace. This token can be used with the azuredevops.SecurityPermissions resource. Only populated when return_identifier_info is false.
identifiers Mapping[str, str]
namespace_id str
namespace_name str
return_identifier_info bool

id String: The provider-assigned unique ID for this managed resource.
optionalIdentifiers List<String>: A list of optional identifier names for this namespace. Only populated when return_identifier_info is true.
requiredIdentifiers List<String>: A list of required identifier names for this namespace. Only populated when return_identifier_info is true.
token String: The generated security token for the namespace. This token can be used with the azuredevops.SecurityPermissions resource. Only populated when return_identifier_info is false.
identifiers Map<String>
namespaceId String
namespaceName String
returnIdentifierInfo Boolean

Package Details

Repository: Azure DevOps pulumi/pulumi-azuredevops
License: Apache-2.0
Notes: This Pulumi package is based on the azuredevops Terraform Provider.

Viewing docs for Azure DevOps v3.14.0
published on Tuesday, Mar 24, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-azuredevops

azuredevops.getSecurityNamespaceToken

On this page

On this page

Example Usage

Discovering Required Identifiers for a Namespace

Collection-level Token

Project-level Token

Git Repository Token

Git Repository Branch Token

Build Definition Token

Using Namespace ID

Relevant Links

Notes

Using getSecurityNamespaceToken

getSecurityNamespaceToken Result

Package Details

On this page

On this page