Connect any Azure DevOps organization with a Personal Access Token (scopes: Code (Read) + Project & Team (Read)) to import its projects and run scans.

Pick an Azure DevOps project (and optionally specific repos) and trigger a Semgrep scan. Results appear under Projects when the scan finishes.

Scan any git repo by clone URL — Azure Repos, GitHub, GitLab, Bitbucket. Public repos need no token; for private repos add a token (used as HTTP Basic). The Project groups repos on the dashboard (defaults to "Manual").

Generate a token to authenticate CI pipelines / scanners (used as Authorization: Bearer, like SonarQube). The browser UI works without one. The token is shown once on creation.