Insufficient permissions to create Azure DevOps project while having Owner permission

Question

After being invited to a client's Azure account and having "Owner" role + access to "Azure AD user, group, service principal" granted I am able create App Services, import source from Github but when I try to create a DevOps project to start actual work I get an error:

Following the link towards more details I can see that its about permission issue but if I re-check my permissions:

It says "Owner" but the scope is: "This resource" - note that these infos are under the single Subscription that my client created, however if I click my name for detailed view on my identity I see "Guest":

What would be the proper way to grant me global permissions on my clients Azure account?

Thanks!

Answer 1

If you create a project, it will automatically create an AD App named like organizationname-projectname-513f22f1-befd-xxxxxxcfe90f1 in the App Registerations in your tenant.

To fix the issue, let the global admin of your tenant to modify the user settings. Navigate to the Azure Active Directory in the portal -> User settings -> set Users can register applications to Yes.

Then in the Manage external collaboration settings, set the Guest users permission are limited to No.

Besides, if you can get an administrator role, no matter the settings are, you can create the app directly.