We recommend using Visual Studio 2017
This documentation is archived and is not being maintained.

Securing Team Foundation Server

Security for Team Foundation is integrated with Windows authentication and based on users and groups. Windows authentication is used to authenticate accounts for connections between Visual Studio Team Foundation Server and clients of Team Foundation. In addition, authorization in Team Foundation Server is based on users, groups, and permissions in Team Foundation Server. You can increase the security of your deployment in several ways, which include the following tasks:

  • assigning permissions to users and groups

  • understanding the underlying architecture of your deployment

  • increasing the security of the network ports and traffic between clients and servers

You can configure your deployment to use Hypertext Transfer Protocol Secure (HTTPS) with Secure Sockets Layer (SSL). If you use HTTPS with SSL, network traffic is encrypted between Team Foundation Server and the clients that request access to its resources, which include team project portals, reports, and work items. You can configure your deployment to support HTTPS with SSL in addition to HTTP, or you can require users of Team Foundation Server to use HTTPS with SSL. 

Team Foundation Server, Authentication, and Access

Describes the authentication modes Team Foundation Server supports with Visual Studio 2010 installed.

Setting up HTTPS with Secure Sockets Layer (SSL) for Team Foundation Server

Explains the advantages and disadvantages of configuring your deployment to use HTTPS with SSL. This topic also describes how to configure Visual Studio 2010 to support or require HTTPS with SSL for web connections between the data, application, and client tiers of Team Foundation.