1
Generate an Azure DevOps Personal Access Token
Access your Azure DevOps account and generate a personal access token (PAT) with both read and write permissions.
2
Integrate the Token with Corgea
Proceed to the Integrations page on Corgea. Click the ”+” button within the Azure DevOps section and ensure the token is securely saved.
3
Identify Azure DevOps Projects in Corgea
After configuration, navigate to the Projects page. Your Azure DevOps project will be displayed with a Windows icon. Click the ”+” in the action column to initiate the first scan, or select the project name and click “New Scan” to commence a new scan.
4
Submit a Pull Request to Azure DevOps
From any issue page associated with Azure DevOps projects in Corgea, you can submit a pull request to address an issue.
Optional: Webhook Configuration
To enable scans for each pull request, configure a webhook. Ensure you possess the requisite permissions to set up webhooks for your project.1
Select “Project settings” located at the bottom left of the Azure DevOps interface.
2
Click on “Service Hooks”. Multiple clicks may be necessary if it does not load immediately.
3
Click the ”+” button and choose “Web Hooks”.
4
Select “Pull request created” as the trigger event, configure any optional settings, and click “Next”.
5
In the Settings section, input the URL as https://www.corgea.app/azure_webhook/ or 
https://your_instance.corgea.app/azure_webhook/ for private deployments.6
Open a new browser tab, navigate to the Corgea integrations page, and locate your Azure integration. Copy the X-CORGEA-UUID value.
7
Return to the Azure DevOps Webhook configuration page and populate the headers section with:
- X-CORGEA-UUID: (UUID value you copied)
- X-WEB-TOKEN: (the same PAT configured in Corgea)
8
Click “Finish” to save the configuration. Disregard the “Test” button as it may attempt to trigger scans for files you do not have access to.
9
Validate the setup by creating a new pull request. A successful configuration will display a successful event in the webhook history and trigger a new scan on the Corgea Scans page at https://www.corgea.app/scans/.
