You have an Azure DevOps organization named Contoso.
You need to recommend an authentication mechanism that meets the following requirements:
-> Supports authentication from Git
-> Minimizes the need to provide credentials during authentication
What should you recommend?
Click on the arrows to vote for the correct answer
A. B. C. D.A
Personal access tokens (PATs) give you access to Azure DevOps and Team Foundation Server (TFS), without using your username and password directly.
These tokens have an expiration date from when they're created. You can restrict the scope of the data they can access. Use PATs to authenticate if you don't already have SSH keys set up on your system or if you need to restrict the permissions that are granted by the credential.
Incorrect Answers:
B: Azure DevOps no longer supports Alternate Credentials authentication since the beginning of March 2, 2020. If you're still using Alternate Credentials, we
[Microsoft] strongly encourage you to switch to a more secure authentication method (for example, personal access tokens).
https://docs.microsoft.com/en-us/azure/devops/repos/git/auth-overviewTo meet the given requirements, we need an authentication mechanism that supports Git authentication and minimizes the need for providing credentials during authentication.
Out of the given options, personal access tokens (PATs) in Azure DevOps best meet these requirements. Here's why:
A. Personal access tokens (PATs) in Azure DevOps: Personal access tokens (PATs) provide an alternative authentication method that can be used instead of a username and password when connecting to Azure DevOps from Git. PATs are long-lived tokens that can be generated by a user and can be used to authenticate with Azure DevOps services. By using PATs, users can avoid providing their username and password every time they perform Git operations. Moreover, PATs can be scoped to limit access to specific resources in Azure DevOps, which adds an extra layer of security to the authentication process.
B. Alternate credentials in Azure DevOps: Alternate credentials are another way to authenticate with Azure DevOps. They are a combination of a username and a password that can be used to authenticate with Azure DevOps services. However, alternate credentials are not recommended as they are less secure than other authentication methods, such as PATs, and are not supported in newer versions of Azure DevOps.
C. User accounts in Azure Active Directory (Azure AD): User accounts in Azure AD can be used to authenticate with Azure DevOps. However, this method may not be suitable for minimizing the need to provide credentials during authentication, as users would still need to provide their username and password to authenticate.
D. Managed identities in Azure Active Directory (Azure AD): Managed identities are another way to authenticate with Azure AD. However, they are not relevant for Git authentication in Azure DevOps.
Therefore, the recommended authentication mechanism that meets the given requirements is personal access tokens (PATs) in Azure DevOps.