Security Considerations

[fowl2]

Microsoft (and security best practice) recommends that MFA be enabled for SharePoint tenant administrators, could this article be updated to not require an administrator's credentials to be entered into DevOps? Most likely this would involve a service principal instead.

Additionally, is tenant administrator really required, or just specific permission on the app catalog?

Templates like these will be used verbatim so it's important they highlight security best practices, and if not at least make prominent warnings about their "sample only" nature.

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 6f70ab0e-7e7d-df8f-5607-8794b5d26024
• Version Independent ID: 16b7890e-6e7f-0573-3d79-51bdb04758dd
• Content: Implement Continuous Integration and Continuous deployment using Azure Pipelines (preview)
• Content Source: docs/spfx/toolchain/implement-ci-cd-with-azure-pipelines.md
• Product: sharepoint
• Technology: sharepoint-framework
• GitHub Login: @spdevdocs
• Microsoft Alias: spdevdocs

[msft-github-bot]

Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.

[github-actions]

Thank you for taking the time to file an issue. We periodically archive older or inactive issues as part of our issue management process, which automatically closes them once they are archived.

If you’d like to understand more about why and how we handle archived (closed) issues, please see Our approach to closed issues.

We appreciate your contribution and if this is still an active issue with the latest SPFx versions, please do resubmit the details. We needed to perform a cleanup, so that we can start with a clean table with a new process. We apologize for the inconvenience this might cause.