Add general feature

Author: gloridelmorales

release-notes/2025/includes/general/sprint-257-update-links.md

@@ -9,4 +9,5 @@ ms.topic: include
 - [Restrict Personal Access Token (PAT) Creation Organization Policy now in Public Preview](#restrict-personal-access-token-pat-creation-organization-policy-now-in-public-preview)
 - [Removal of expired Azure DevOps OAuth Apps](#removal-of-expired-azure-devops-oauth-apps)
 - [Azure DevOps login flow no longer relies on Azure Resource Manager audience](#azure-devops-login-flow-no-longer-relies-on-azure-resource-manager-audience)
-- [New Microsoft Entra OAuth scopes](#new-microsoft-entra-oauth-scopes)
+- [New Microsoft Entra OAuth scopes](#new-microsoft-entra-oauth-scopes)
+- [Request Access URL availability](request-access-url-availability)

release-notes/2025/includes/general/sprint-257-update.md

@@ -28,4 +28,8 @@ There remain a couple of notable exceptions. The following ​user groups may ne
 2. Service Connection creators require continued access to ARM for ARM role assignment and updates to MSIs.
 
 ### New Microsoft Entra OAuth scopes
-Azure DevOps has introduced two new Microsoft Entra OAuth scopes, vso.pats and vso.pats_manage to enhance security and control over personal access token (PAT) lifecycle management APIs. These scopes are now required for delegated flows that involve PAT creation and management, replacing the previously broad user_impersonation scope. This change enables app owners to reduce the permissions needed by their app to access PAT APIs. Downscope your `user_impersonation` apps to the minimum scopes needed today!
+Azure DevOps has introduced two new Microsoft Entra OAuth scopes, vso.pats and vso.pats_manage to enhance security and control over personal access token (PAT) lifecycle management APIs. These scopes are now required for delegated flows that involve PAT creation and management, replacing the previously broad user_impersonation scope. This change enables app owners to reduce the permissions needed by their app to access PAT APIs. Downscope your `user_impersonation` apps to the minimum scopes needed today!
+
+### Request Access URL availability
+
+Azure DevOps administrators can disable the [**Request Access**](/azure/devops/organizations/accounts/disable-request-access-policy?view=azure-devops) policy and provide a URL for users to request access to an organization or project. This URL, previously available only to new users, is now also shown to existing users on the 404 page. To maintain confidentiality, the request access URL is displayed regardless of the project's existence.