You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: learn-pr/wwl-azure/manage-ado-mcp-server/includes/12-guided-exercise-manage-ado-mcp-server.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
> [!IMPORTANT]
2
2
> To complete this exercise, you need an active GitHub account, an active GitHub Copilot subscription (Free edition could work, but comes with prompt limitations. You might not be able to go through all prompt steps as defined, depending on your current Copilot consumption), access to an Azure DevOps project and a Visual Studio Code environment.
3
3
4
-
This exercise provides a comprehensive experience of using Azure DevOps MCP Server integration in Visual Studio Code with GitHub Copilot, guiding you through several common DevOps team tasks, such as configuring ADO MCP Server in VSCode, interact with Azure Boards work items, retrieve and trigger pipeline runs, inspect logs and monitor Azure DevOps projects and integrate Security guidelines when using MCP.
4
+
This exercise provides a comprehensive experience of using Azure DevOps MCP Server in Visual Studio Code. You will use GitHub Copilot AI-assistance. Throughout the exercise, you handle several common DevOps team tasks, such as interact with Azure Boards work items, retrieve and trigger pipeline runs. Next, you learn how to use MCP to inspect ADO logs and apply Azure DevOps Security guidelines when using MCP.
Copy file name to clipboardExpand all lines: learn-pr/wwl-azure/manage-ado-mcp-server/includes/4-authenticate-validate-tools.md
+13-7Lines changed: 13 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,8 +1,8 @@
1
-
Authentication and tool validation are more than onboarding steps. They set the tone for everything that follows. Once you begin using MCP for Azure DevOps tasks, each approval decision becomes part of your operating model. In this unit, the focus is to help you build a pattern that feels practical in daily work: confirm who you are, verify where an action will run, inspect what is being requested, and approve deliberately.
1
+
Authentication and tool validation are more than onboarding steps. They set the tone for everything that follows. Once you begin using MCP for Azure DevOps tasks, each approval decision becomes part of your operating model. In this unit, the focus is to help you build a pattern that feels practical in daily work: confirm who you are, verify where an action runs, inspect what is being requested, and approve deliberately.
2
2
3
3
## Why Validation Matters
4
4
5
-
Conversational workflows are designed to feel fast and natural, but that is exactly why validation discipline matters. When a prompt sounds reasonable, it is easy to move quickly and assume details are correct. Most operational mistakes in this phase are not malicious, they are simple mismatches between intent and scope. A project name is off by one word, a repository reference points to the wrong target, or a write operation is broader than expected. Remember that AI doesn't have a memory state, nor does it has a proper context or reflection, like we humans do have. The more precise you can formulate your prompt, usually the more accurate the action or response will be.
5
+
Conversational workflows are designed to feel fast and natural, but that is exactly why validation discipline matters. When a prompt sounds reasonable, it is easy to move quickly and assume details are correct. Most operational mistakes in this phase are not malicious. They are simple mismatches between intent and scope. A project name is off by one word, a repository reference points to the wrong target, or a write operation is broader than expected. Remember that AI doesn't have a memory state, nor does it has a proper context or reflection, like we humans do have. The more precise you can formulate your prompt, usually the more accurate the action or response is.
6
6
7
7
Validation is the habit that prevents these small mismatches from becoming real incidents. It gives you confidence that the result you approve is the result you intended, and it helps teams scale AI-assisted workflows without sacrificing control.
8
8
@@ -14,19 +14,25 @@ After the result returns, compare it with what you expected to see. If the proje
14
14
15
15
## Payload Inspection Checklist
16
16
17
-
Payload inspection - meaning the information you send or receive in the prompt - should feel like a quick quality check, not a heavy process. Before you approve, mentally walk through a few essentials: Is this the right organization? Is this the exact project I intended? Do the IDs and artifact names match what I meant to target? Is the operation type read or write, and is that what I asked for?
17
+
Payload inspection - meaning the information you send or receive in the prompt - should feel like a quick quality check, not a heavy process.
18
+
19
+
Before you approve, mentally walk through a few essentials: Ask yourself questions like:
20
+
- Am I connected to the right organization?
21
+
- Did I connect to the exact project I intended?
22
+
- Do the work items and artifact names match what I meant to target?
23
+
- Is the operation type read or write, and is that what I asked for?
18
24
19
25
The final question is the most important: is the scope as narrow as possible? Narrow scope protects you from unintended side effects, especially in shared environments. This review usually takes only a few seconds, but it dramatically lowers the chance of approving an action with hidden impact.
20
26
21
27
## Building Approval Discipline
22
28
23
-
Strong approval habits develop in stages. Early on, one-time approvals are usually best because they force you to learn how payloads are formed and how prompts map to actions. As your confidence grows, session-level approvals can reduce friction for repetitive, low-risk work. Broader approvals should be treated as an advanced mode, reserved for controlled environments where policy guardrails and team norms are already in place.
29
+
Strong approval habits develop in stages. Early on, one-time approvals are best because they force you to learn how payloads are formed and how prompts map to actions. As your confidence grows, session-level approvals can reduce friction for repetitive, low-risk work. Broader approvals should be treated as an advanced mode, reserved for controlled environments where policy guardrails and team norms are already in place.
24
30
25
31
If something feels vague or too generic, do not force a decision. Deny, refine the prompt, and run it again with clearer constraints. In practice, a more specific prompt almost always produces a safer and easier-to-review payload.
26
32
27
33
## Validate Tool Behavior Across Domains
28
34
29
-
One successful request is a good start, but it is not enough to trust your full workflow. Validate behavior across the domains you rely on most, such as project discovery, work item lookup, pull request listing, and pipeline status checks. Each domain can expose different permission boundaries, and discovering those boundaries early is much better than finding them during a release window. If you stay within the boundaries of information you are already familiar with, it will also be easier to identify the accuracy of the prompt response.
35
+
One successful request is a good start, but it is not enough to trust your full workflow. Validate behavior across the domains you rely on most, such as project discovery, work item lookup, pull request listing, and pipeline status checks. Each domain can expose different permission boundaries, and discovering those boundaries early is better than finding them during a release window. If you stay within the boundaries of information you are already familiar with, it is easier to identify the accuracy of the prompt response.
30
36
31
37
## Common Authentication Issues And Responses
32
38
@@ -37,15 +43,15 @@ When authentication behaves unexpectedly, the fastest path is usually to verify
37
43
38
44
## Security-minded Operating Habits
39
45
40
-
Security-minded operation is mostly about consistency. Use explicit project names in prompts, avoid broad update requests until you have previewed intent, and treat write approvals as deliberate decisions rather than routine clicks. Keep high-impact actions under human review, especially when prompts involve wide scope or production-adjacent assets.
46
+
Security-minded operation is mostly about consistency. Use explicit project names in prompts, avoid broad update requests until you previewed intent, and treat write approvals as deliberate decisions rather than routine clicks. Keep high-impact actions under human review, especially when prompts involve wide scope or production-adjacent assets.
41
47
42
48
MCP works best when convenience and caution are balanced. The goal is not to slow work down, but to make correct execution repeatable.
43
49
44
50
## Escalation Paths And Exception Handling
45
51
46
52
Not every failure should trigger a request for broader access. Mature teams separate temporary blockers from true permission gaps. For example, if one repository fails while others succeed, the right fix may be a targeted project assignment rather than organization-wide rights.
47
53
48
-
When exceptions are necessary, record why the exception exists, how long it should last, and who will review it. This keeps short-term productivity decisions compatible with long-term governance goals.
54
+
When exceptions are necessary, record why the exception exists, how long it should last, and who reviews it. This approach keeps short-term productivity decisions compatible with long-term governance goals.
0 commit comments