{"id":2358,"date":"2025-08-12T14:39:05","date_gmt":"2025-08-12T14:39:05","guid":{"rendered":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/08\/12\/real-time-security-with-continuous-access-evaluation-cae-comes-to-azure-devops\/"},"modified":"2025-08-12T14:39:05","modified_gmt":"2025-08-12T14:39:05","slug":"real-time-security-with-continuous-access-evaluation-cae-comes-to-azure-devops","status":"publish","type":"post","link":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/08\/12\/real-time-security-with-continuous-access-evaluation-cae-comes-to-azure-devops\/","title":{"rendered":"Real-Time Security with Continuous Access Evaluation (CAE) comes to Azure DevOps"},"content":{"rendered":"

We\u2019re thrilled to announce that Continuous Access Evaluation (CAE)<\/strong> is now supported on Azure DevOps, bringing a new level of near real-time security enforcement to your development workflows.<\/p>\n

What Is CAE?<\/h2>\n

Continuous Access Evaluation (CAE)<\/a> is a feature from Microsoft Entra ID that enables near real-time enforcement of Conditional Access policies<\/strong>. Traditionally, Microsoft Entra access tokens in Azure DevOps are valid for up to an hour, meaning that even after a user\u2019s account is disabled or a password is changed, access may persist until the token expires. CAE changes that.<\/p>\n

With CAE, Azure DevOps can revoke access quickly<\/strong> after critical events occur, such as:<\/p>\n

User deletion or disablement
\nPassword changes or resets
\nAdmin-triggered token revocations
\nMulti-factor Authentication enablement
\nIP\/location changes<\/p>\n

This is achieved through a two-way conversation between Entra and Azure DevOps, allowing for access-time policy enforcement rather than relying solely on enforcement at time of token issuance. Real-time enforcement means that compromised accounts or policy violations are addressed as soon as we learn of the event, reducing exposure windows and improving incident response. (See Microsoft Entra documentation<\/a> for any expected considerations and latency per critical event.)<\/p>\n

These changes are now rolling out across the Azure DevOps web platform and ought to be available by end of August.<\/p>\n

What\u2019s Changing for Developers?<\/h2>\n

If you\u2019re using our latest .NET client library<\/a>, you\u2019ll need to handle CAE rejections gracefully<\/strong>. When a token is rejected, the client will receive a 401 Unauthorized response with a claims challenge<\/strong>. Your app must extract the challenge, fetch a new token, and retry the request. CAE is expected to arrive in our Python and Go client libraries by the end of 2025.<\/p>\n

Learn more about claims challenges<\/a> in the Entra documentation. We\u2019ll also update this blog shortly with code samples for our latest .NET client library.<\/p>\n

Let us know what you think about this new CAE support in the comments below!<\/p>\n

The post Real-Time Security with Continuous Access Evaluation (CAE) comes to Azure DevOps<\/a> appeared first on Azure DevOps Blog<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"

We\u2019re thrilled to announce that Continuous Access Evaluation (CAE) is now supported on Azure DevOps, bringing a new level of […]<\/p>\n","protected":false},"author":0,"featured_media":94,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2358","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure"],"_links":{"self":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/2358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/comments?post=2358"}],"version-history":[{"count":0,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/2358\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media\/94"}],"wp:attachment":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media?parent=2358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/categories?post=2358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/tags?post=2358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}