From 787c7cfc446f031288d6b53cd7d448774fcd8a5e Mon Sep 17 00:00:00 2001 From: Zdravko Kolev Date: Thu, 22 May 2025 16:24:39 +0300 Subject: [PATCH 1/5] Azure integration topic --- en/generate-app/azure-integration.md | 60 ++++++++++++++++++++++++++++ en/sidebar-toc/toc.yml | 4 ++ 2 files changed, 64 insertions(+) create mode 100644 en/generate-app/azure-integration.md diff --git a/en/generate-app/azure-integration.md b/en/generate-app/azure-integration.md new file mode 100644 index 0000000..8f7ab4f --- /dev/null +++ b/en/generate-app/azure-integration.md @@ -0,0 +1,60 @@ +--- +title: Microsoft Account Types Supported for publishing apps to Azure DevOps with App Builder +_description: Understand which Microsoft account types are supported when connecting Azure DevOps to App Builder, and how domain verification affects authentication and access. +_keywords: App Builder, Azure DevOps, Microsoft Accounts, Work Accounts, Personal Microsoft Accounts, Domain Verification, Azure AD, Authentication, Infragistics +--- + +# Set Up Microsoft Partner Network (MPN) and Account Types for Azure DevOps Integration + +## Overview + +This guide helps you understand how different Microsoft account types impact authentication when integrating Azure DevOps with App Builder. Knowing whether your users are using work or personal Microsoft accounts is critical to ensuring successful and secure integration. + +## Supported Microsoft Account Types + +Azure DevOps supports organizational accounts (Work/School), while **Personal Microsoft accounts** have limited support due to Microsoft’s identity model. + +### Work and School Accounts + +- Examples: user@company.com, user@tenant.onmicrosoft.com +- Authentication: Works out-of-the-box +- No additional configuration required (if Azure DevOps is correctly set up) +- Can authorize access without administrator consent (depending on tenant policies) + +### Personal Microsoft Accounts + +These are user-created accounts (e.g., @outlook.com, @hotmail.com) and are not supported directly for Azure DevOps integration in App Builder. + +- Authentication will fail +- Common error: AADSTS500202: Personal Microsoft account not supported +- Workaround: Convert personal accounts to organizational accounts or add them as guests in the organization’s Azure tenant + +## Domain Verification & Account Classification + +Azure treats accounts differently based on domain verification status: + +| **Account Email** | **Domain Status** | **Account Type** | **Behavior** | +| ----------------------------- | --------------------- | ---------------- | --------------------------------------- | +| `user@company.com` | Verified | Work | Works out-of-box | +| `user@tenant.onmicrosoft.com` | Built-in Azure domain | Work | Works out-of-box | +| `user@outlook.com` | N/A | Personal | Will not work directly | +| `user@mydomain.com` | Unverified | Personal | Will not work unless domain is verified | + +To verify a domain in Azure AD: + +1. Go to **Microsoft Entra ID** > **Custom domain names** +2. Add your domain and follow DNS verification steps (e.g., TXT record) + + +## Best Practices for External Organizations + +To ensure successful integration with App Builder: + +1. **Use work/school accounts** associated with an Azure AD tenant +2. **Verify your custom domains** in Azure AD +3. Configure **Azure DevOps to use your Azure AD directory** +4. Ensure an **Azure DevOps service principal** is created +5. For users with personal accounts: + * Add them as **guests** to your Azure tenant, or + * Create **organizational work accounts**, or + * Set up a **self-service onboarding flow** (for advanced scenarios) diff --git a/en/sidebar-toc/toc.yml b/en/sidebar-toc/toc.yml index f59b3e4..596ce9b 100644 --- a/en/sidebar-toc/toc.yml +++ b/en/sidebar-toc/toc.yml @@ -165,6 +165,10 @@ href: ../generate-app/upload-application-to-github.md new: false updated: false + - name: Upload application to Azure DevOps + href: ../generate-app/azure-integration.md + new: true + updated: false - name: Run Application Locally href: ../generate-app/run-application-locally.md - name: Change Log From c3ddddf33e194d81917b10a40309ba3f4f8f68e9 Mon Sep 17 00:00:00 2001 From: Zdravko Kolev Date: Fri, 23 May 2025 16:57:28 +0300 Subject: [PATCH 2/5] final changes --- en/generate-app/azure-integration.md | 130 +++++++++++++++++++-------- 1 file changed, 93 insertions(+), 37 deletions(-) diff --git a/en/generate-app/azure-integration.md b/en/generate-app/azure-integration.md index 8f7ab4f..8bc131f 100644 --- a/en/generate-app/azure-integration.md +++ b/en/generate-app/azure-integration.md @@ -1,60 +1,116 @@ --- -title: Microsoft Account Types Supported for publishing apps to Azure DevOps with App Builder -_description: Understand which Microsoft account types are supported when connecting Azure DevOps to App Builder, and how domain verification affects authentication and access. -_keywords: App Builder, Azure DevOps, Microsoft Accounts, Work Accounts, Personal Microsoft Accounts, Domain Verification, Azure AD, Authentication, Infragistics +title: Publish Apps to Azure DevOps from App Builder + Microsoft Account Type Requirements +_description: Learn how to publish applications to Azure DevOps directly from App Builder and understand how different Microsoft account types impact authentication and access. +_keywords: App Builder, Azure DevOps, Microsoft Accounts, Work Accounts, Personal Accounts, Authentication, Publish, CI/CD, Pull Requests, Domain Verification, Infragistics --- -# Set Up Microsoft Partner Network (MPN) and Account Types for Azure DevOps Integration +# Publishing Apps to Azure DevOps from App Builder -## Overview +The **Azure DevOps integration** in App Builder allows you to publish generated source code (Angular, React, Blazor, or Web Components) directly to your DevOps repositories. This streamlines handoff to development teams and fits naturally into your existing CI/CD workflows. -This guide helps you understand how different Microsoft account types impact authentication when integrating Azure DevOps with App Builder. Knowing whether your users are using work or personal Microsoft accounts is critical to ensuring successful and secure integration. +Before you begin, it's important to understand how **Microsoft account types** affect authentication and what steps are required to enable access — [see the section below](#how-microsoft-account-types-impact-authentication) for details. -## Supported Microsoft Account Types +## 🔌 Connect to Your Existing Azure DevOps Project -Azure DevOps supports organizational accounts (Work/School), while **Personal Microsoft accounts** have limited support due to Microsoft’s identity model. +1. In App Builder, click the **Publish** button. +2. Select **Azure DevOps** as the target platform. +3. Authenticate with your Microsoft account. +4. After successful login and MFA (if enabled), your Azure DevOps **organizations**, **projects**, and **repositories** will be listed for selection. -### Work and School Accounts +> Your credentials are securely verified. App Builder only requests permissions required for publishing. -- Examples: user@company.com, user@tenant.onmicrosoft.com -- Authentication: Works out-of-the-box -- No additional configuration required (if Azure DevOps is correctly set up) -- Can authorize access without administrator consent (depending on tenant policies) -### Personal Microsoft Accounts +## ➕ Create a Repo for the App from App Builder + +If no repository exists yet: + +1. Choose your **organization** and **project**. +2. Click **Create Repository**. +3. Define the repository name and visibility (private/public – visibility depends on project settings). +4. The repo is created and initialized for publishing. + +## ⏫ Publish/Push the Code to the Repo + +1. Click **Publish** to generate and push your app’s source code. +2. The initial publish populates the default branch (`main`) with your generated files. +3. A status indicator confirms successful publishing. + +## 🤖 Automatic CI Build + +Azure DevOps supports build pipelines that can be triggered on push: + +1. Ensure a pipeline is created and linked to the repo. +2. App Builder triggers the build automatically when code is pushed. +3. Monitor build status from within Azure DevOps. + +> If no pipeline is configured, you will need to create one manually and grant it access to the repository. + +## ⤴ Pull Requests for Follow-up Changes + +For subsequent publishes: -These are user-created accounts (e.g., @outlook.com, @hotmail.com) and are not supported directly for Azure DevOps integration in App Builder. +1. App Builder creates a **feature branch** with a unique name. +2. A **Pull Request (PR)** is automatically generated. +3. The build pipeline runs on the PR to validate the changes. +4. You can review code diffs before merging. + +> This workflow mimics GitHub pull requests and ensures code quality and team collaboration. + +## ⚙ Deploy as Live App (Coming Soon) + +Soon, you’ll be able to deploy your app to **Azure Web Apps** directly from App Builder. + +- Will support both **standard** and **static web apps** +- Simplifies deployment for customer demos and staging environments + +# How Microsoft Account Types Impact Authentication + +When connecting Azure DevOps to App Builder, authentication is handled via Microsoft Entra ID (formerly Azure Active Directory). Account type directly impacts the success of this connection. + +## Supported Microsoft Account Types + +### Work or School Accounts (Azure AD) + +- Examples: `user@company.com`, `user@tenant.onmicrosoft.com` +- Fully supported +- Require no additional setup in most cases +- Can grant necessary access based on organizational policy + +### Personal Microsoft Accounts -- Authentication will fail -- Common error: AADSTS500202: Personal Microsoft account not supported -- Workaround: Convert personal accounts to organizational accounts or add them as guests in the organization’s Azure tenant +- Examples: `user@outlook.com`, `user@hotmail.com` +- Not supported directly due to Azure DevOps access policies +- Will result in an authentication error (e.g., `AADSTS500202`) +- **Workaround**: + - Add the user as a **guest** to your Azure AD tenant, or + - Convert the personal account into a **work account** ## Domain Verification & Account Classification -Azure treats accounts differently based on domain verification status: +The domain associated with your email address determines how Microsoft classifies the account. -| **Account Email** | **Domain Status** | **Account Type** | **Behavior** | -| ----------------------------- | --------------------- | ---------------- | --------------------------------------- | -| `user@company.com` | Verified | Work | Works out-of-box | -| `user@tenant.onmicrosoft.com` | Built-in Azure domain | Work | Works out-of-box | -| `user@outlook.com` | N/A | Personal | Will not work directly | -| `user@mydomain.com` | Unverified | Personal | Will not work unless domain is verified | +| **Email Address** | **Domain Status** | **Account Type** | **Authentication Support** | +|------------------------------|-----------------------|------------------|----------------------------------------| +| `user@company.com` | Verified | Work | ✅ Works out-of-box | +| `user@tenant.onmicrosoft.com`| Built-in Azure domain | Work | ✅ Works out-of-box | +| `user@outlook.com` | N/A | Personal | ❌ Not supported | +| `user@mydomain.com` | Unverified | Personal | ❌ Not supported unless domain verified | -To verify a domain in Azure AD: +### How to Verify a Domain 1. Go to **Microsoft Entra ID** > **Custom domain names** -2. Add your domain and follow DNS verification steps (e.g., TXT record) +2. Add your domain +3. Follow DNS steps to add a **TXT record** to your domain registrar -## Best Practices for External Organizations +## Best Practices for Organizations -To ensure successful integration with App Builder: +To ensure smooth integration and avoid authentication issues: -1. **Use work/school accounts** associated with an Azure AD tenant -2. **Verify your custom domains** in Azure AD -3. Configure **Azure DevOps to use your Azure AD directory** -4. Ensure an **Azure DevOps service principal** is created -5. For users with personal accounts: - * Add them as **guests** to your Azure tenant, or - * Create **organizational work accounts**, or - * Set up a **self-service onboarding flow** (for advanced scenarios) +- ✅ Use **work or school accounts** associated with Azure AD +- ✅ **Verify your domains** in Microsoft Entra ID +- ✅ Configure **Azure DevOps** to use your Azure AD directory +- ✅ Ensure a **service principal** is registered for DevOps access +- ⚠ For personal accounts: + - Invite them as **guests** in your tenant + - Or provision a **work account** for development activities From ebb401504c657b957a4c0e8a335531e1cf323d47 Mon Sep 17 00:00:00 2001 From: Zdravko Kolev Date: Fri, 23 May 2025 17:43:54 +0300 Subject: [PATCH 3/5] initial change --- en/generate-app/azure-integration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en/generate-app/azure-integration.md b/en/generate-app/azure-integration.md index 8bc131f..259d1cc 100644 --- a/en/generate-app/azure-integration.md +++ b/en/generate-app/azure-integration.md @@ -1,7 +1,7 @@ --- title: Publish Apps to Azure DevOps from App Builder + Microsoft Account Type Requirements _description: Learn how to publish applications to Azure DevOps directly from App Builder and understand how different Microsoft account types impact authentication and access. -_keywords: App Builder, Azure DevOps, Microsoft Accounts, Work Accounts, Personal Accounts, Authentication, Publish, CI/CD, Pull Requests, Domain Verification, Infragistics +_keywords: App Builder, Azure DevOps, Azure Integration, Infragistics --- # Publishing Apps to Azure DevOps from App Builder From cfdd53010b8acedb892e9a5d65c8b3aabfa30b1c Mon Sep 17 00:00:00 2001 From: Zdravko Kolev Date: Fri, 23 May 2025 17:47:55 +0300 Subject: [PATCH 4/5] icons removal --- en/generate-app/azure-integration.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/en/generate-app/azure-integration.md b/en/generate-app/azure-integration.md index 259d1cc..e751de7 100644 --- a/en/generate-app/azure-integration.md +++ b/en/generate-app/azure-integration.md @@ -10,7 +10,7 @@ The **Azure DevOps integration** in App Builder allows you to publish generated Before you begin, it's important to understand how **Microsoft account types** affect authentication and what steps are required to enable access — [see the section below](#how-microsoft-account-types-impact-authentication) for details. -## 🔌 Connect to Your Existing Azure DevOps Project +## Connect to Your Existing Azure DevOps Project 1. In App Builder, click the **Publish** button. 2. Select **Azure DevOps** as the target platform. @@ -20,7 +20,7 @@ Before you begin, it's important to understand how **Microsoft account types** a > Your credentials are securely verified. App Builder only requests permissions required for publishing. -## ➕ Create a Repo for the App from App Builder +## Create a Repo for the App from App Builder If no repository exists yet: @@ -29,13 +29,13 @@ If no repository exists yet: 3. Define the repository name and visibility (private/public – visibility depends on project settings). 4. The repo is created and initialized for publishing. -## ⏫ Publish/Push the Code to the Repo +## Publish/Push the Code to the Repo 1. Click **Publish** to generate and push your app’s source code. 2. The initial publish populates the default branch (`main`) with your generated files. 3. A status indicator confirms successful publishing. -## 🤖 Automatic CI Build +## Automatic CI Build Azure DevOps supports build pipelines that can be triggered on push: @@ -45,7 +45,7 @@ Azure DevOps supports build pipelines that can be triggered on push: > If no pipeline is configured, you will need to create one manually and grant it access to the repository. -## ⤴ Pull Requests for Follow-up Changes +## Pull Requests for Follow-up Changes For subsequent publishes: @@ -56,7 +56,7 @@ For subsequent publishes: > This workflow mimics GitHub pull requests and ensures code quality and team collaboration. -## ⚙ Deploy as Live App (Coming Soon) +## Deploy as Live App (Coming Soon) Soon, you’ll be able to deploy your app to **Azure Web Apps** directly from App Builder. From 8246ccb0d54d01e51b366e43ad059251d458b890 Mon Sep 17 00:00:00 2001 From: Zdravko Kolev Date: Tue, 27 May 2025 09:12:57 +0300 Subject: [PATCH 5/5] addressing comments --- en/generate-app/azure-integration.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/en/generate-app/azure-integration.md b/en/generate-app/azure-integration.md index e751de7..219af5c 100644 --- a/en/generate-app/azure-integration.md +++ b/en/generate-app/azure-integration.md @@ -43,8 +43,6 @@ Azure DevOps supports build pipelines that can be triggered on push: 2. App Builder triggers the build automatically when code is pushed. 3. Monitor build status from within Azure DevOps. -> If no pipeline is configured, you will need to create one manually and grant it access to the repository. - ## Pull Requests for Follow-up Changes For subsequent publishes: @@ -54,7 +52,7 @@ For subsequent publishes: 3. The build pipeline runs on the PR to validate the changes. 4. You can review code diffs before merging. -> This workflow mimics GitHub pull requests and ensures code quality and team collaboration. +> This workflow ensures code quality and team collaboration. ## Deploy as Live App (Coming Soon)