# Troubleshooting Azure DevOps permission errors

#### When performing backup or restore operations with Azure DevOps, you may occasionally encounter access related errors. While some messages are generic, Azure DevOps often provides specific error codes and descriptions that point directly to the missing permission.

***

## Understanding permission errors

If a task fails due to insufficient privileges, **GitProtect** will display the error returned by the **Azure DevOps** API in the task summary. These messages usually follow a structured format containing a message and a **typeName**.

<table><thead><tr><th width="155">Error code</th><th width="286">Message example</th><th>Resolution</th></tr></thead><tbody><tr><td>TF401027</td><td>"You need the Git 'CreateRepository' permission to perform this action."</td><td>The account lacks the <strong>Create repository</strong> permission at the repositories level.</td></tr><tr><td>VS402356</td><td>"You do not have the permissions required to perform the attempted operation on this process."</td><td>The account lacks the <strong>Create process</strong> or <strong>Edit process</strong> permission at the organization level.</td></tr><tr><td>TF50309</td><td>"The following permissions are needed to perform this operation: Create new projects."</td><td>The account lacks the <strong>Create new projects</strong> permission at the organization level.</td></tr><tr><td>VS800075</td><td>"The project with id 'proj' does not exist, or you do not have permission to access it."</td><td>Generic error, this occurs when the account has no access to the project at all. Verify the user access level and project-level memberships.</td></tr></tbody></table>

***

## Resolving permission errors

If you encounter one of the specific errors listed above, follow these steps to adjust your configuration:

{% stepper %}
{% step %}
Look at the error message to see if the scope is project, organization, or repository.
{% endstep %}

{% step %}
Ensure the identity mentioned in the error (e.g., <kbd>identity '...\\\\<user@example.com>'</kbd>) matches the account used for the **GitProtect** integration.
{% endstep %}

{% step %}
Adjust settings in **Azure DevOps**.

1. Navigate to **Project Settings** or **Organization Settings** in **Azure DevOps**.
2. Go to the **Permissions** or **Security** tab.
3. Find the user or the group the user belongs to and set the missing permission (e.g., **Create new projects**) to **Allow**.
   {% endstep %}

{% step %}
Once the permissions are updated, go back to **GitProtect** and restart the failed task.
{% endstep %}
{% endstepper %}

{% hint style="info" %}
Just like with **GitHub** integrations, **GitProtect** dynamically processes error messages to help you identify exactly which permission needs to be added to your **Azure DevOps** account. Always check the task summary for a detailed list of required permissions.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://helpcenter.gitprotect.io/troubleshooting/troubleshooting-azure-devops-permission-errors.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.