Azure DevOps — the suite of services covering Boards (project tracking), Repos (Git), Pipelines (CI/CD), Test Plans (test management), and Artifacts (package feeds) — is used by millions of developers worldwide. Its pricing model is nuanced enough that most organisations either overpay through unnecessary licences, or underpay and accumulate compliance exposure that surfaces in a Microsoft audit.
This guide covers the Azure DevOps licensing model in full: who needs what licence, how Pipelines parallel jobs work, where Advanced Security fits, and — the question that is live for most enterprise technology teams — when the right decision is to stay on Azure DevOps and when to migrate to GitHub.
Azure DevOps User Licensing
Azure DevOps uses a per-user access licence model with two tiers for most users, plus a free allocation and specific licence for test professionals:
Free Users (Basic Plan)
The first five users of any Azure DevOps organisation are free. This applies to all paid Azure subscriptions. The Basic plan provides access to Azure Boards, Azure Repos, Azure Pipelines, and Azure Artifacts. For small teams and startups, the first five seats cover basic DevOps capability at no additional cost.
Basic Plan — Paid
Additional users beyond the free five are licensed on the Basic plan at $6 per user per month (billed monthly) or included in certain Visual Studio subscriptions. Basic provides the same access as the free allocation: Boards, Repos, Pipelines, Artifacts. The paid Basic plan is appropriate for developers, infrastructure engineers, and most technical contributors who do not need formal test management capabilities.
Basic + Test Plans
$52 per user per month. This is a significant price jump from Basic and is frequently over-purchased. Basic + Test Plans adds access to Azure Test Plans — the manual test case management, exploratory testing, and feedback collection toolset. It does not provide access to any additional CI/CD, source control, or project management features beyond what Basic includes.
The critical governance point: only users who actively use Azure Test Plans need this licence. Developers who run automated tests through Azure Pipelines — which is the vast majority of modern development practice — do not need Basic + Test Plans. They need Basic, or in many cases, are covered by Visual Studio subscriptions. In organisations that provisioned Test Plans broadly three-to-five years ago before test automation matured, a significant fraction of Basic + Test Plans licences are unused.
Visual Studio Subscriptions
Visual Studio Professional and Enterprise subscriptions include Azure DevOps Basic access as a benefit. This is an important inclusion: if your organisation already has Visual Studio Professional or Enterprise subscriptions for developers (either standalone or as part of MSDN), those users do not need a separate Azure DevOps Basic licence. Assigning a paid Basic licence to a user with a Visual Studio subscription is pure waste. This is one of the most common Azure DevOps overspend patterns.
| Licence Type | Monthly Cost | Azure DevOps Access | Best For |
|---|---|---|---|
| Free (first 5 users) | $0 | Full Basic (Boards, Repos, Pipelines, Artifacts) | Small teams, first 5 users |
| Basic | $6/user | Full Basic | Developers, engineers beyond free tier |
| Basic + Test Plans | $52/user | Basic + Azure Test Plans | QA engineers using manual test cases |
| Visual Studio Professional | $45/user (incl. DevOps Basic) | Basic included | Developers needing VS + DevOps access |
| Visual Studio Enterprise | $250/user (incl. DevOps Basic) | Basic included | Developers needing full SDLC tooling |
| Stakeholder (free) | $0 | Boards (view/edit work items only), limited Pipelines view | Project managers, product owners, business stakeholders |
Stakeholder Access
Stakeholder access is free and unlimited. It provides access to Azure Boards (create and edit work items, view backlogs and sprint boards) and basic Pipelines visibility. Project managers, product owners, business analysts, and anyone who needs to view project status, update work items, or track sprint progress does not need a paid Basic licence — Stakeholder access is sufficient and costs nothing. Over-assigning Basic licences to stakeholders is a widespread and easily correctable waste pattern.
Azure Pipelines: Parallel Jobs Licensing
Azure Pipelines CI/CD licensing operates on a parallel job model rather than a per-user model. A parallel job is a concurrent pipeline run — the number of builds, releases, or deployments you can run simultaneously across your organisation.
Hosted (Microsoft-Managed) Agents
- Free tier: 1 free Microsoft-hosted parallel job with up to 1,800 minutes per month. For small teams or low-frequency CI, this may be sufficient.
- Paid hosted agents: $40 per parallel job per month for additional Microsoft-hosted parallel jobs. Each additional job adds one more concurrent pipeline run capacity on Microsoft's infrastructure.
- Agent specifications: Microsoft-hosted agents are provisioned fresh for each job from a defined VM image (Windows Server 2022, Ubuntu 22.04, macOS variants). There is no state persistence between jobs by default.
Self-Hosted Agents
- Free tier: 1 free self-hosted parallel job per organisation.
- Paid self-hosted agents: $15 per parallel job per month for additional self-hosted capacity.
- Self-hosted agent pool: Agents can run on any machine — on-premises servers, Azure VMs, containers. Multiple agents can be registered from the same machine, each consuming one parallel job slot.
Pipelines and EA Negotiation
Azure Pipelines parallel job costs are eligible for Azure MACC consumption credit — they are billed through Azure, not through a separate billing mechanism. This means your Pipelines spend can count toward your MACC commitment threshold, potentially contributing to deal desk discount eligibility. Many organisations do not recognise this linkage.
Azure DevOps Advanced Security
Microsoft launched Azure DevOps Advanced Security (ADO AdvSec) in 2023 as a direct competitor to GitHub Advanced Security for organisations using Azure Repos rather than GitHub. The pricing model is per active committer, similar to GitHub's GHAS — approximately $49 per active committer per month, though enterprise pricing is negotiable.
ADO AdvSec includes three core capabilities:
- Dependency scanning: Identifies vulnerable dependencies in Azure Repos and blocks pull requests that introduce new known vulnerabilities
- Code scanning: Static analysis using CodeQL and other analysis engines, integrated into the pull request workflow
- Secret scanning: Detects accidentally committed credentials, API keys, and tokens in Azure Repos history and new commits
The feature set is comparable to GitHub Advanced Security but tuned for Azure Repos. If your primary repository platform is Azure Repos and you have no plans to migrate to GitHub, ADO AdvSec is the appropriate security scanning product. If you are running a mixed environment — GitHub for some teams, Azure Repos for others — you may be paying for both GHAS and ADO AdvSec with overlapping coverage. Rationalise before purchasing both.
Azure Artifacts Licensing
Azure Artifacts provides package feed management for NuGet, npm, Maven, Python, and Universal Package types. The pricing model is storage-based:
- First 2 GB free per organisation per month
- $2 per GB per month for storage beyond the free tier
For most development teams, Artifacts storage costs are modest — typically under $50/month unless you are storing large binary packages or maintaining extensive package version histories. The common waste pattern is retaining every package version indefinitely, which accumulates storage cost without value. Implementing a package retention policy (keep last N versions per package, delete versions older than X months) typically reduces Artifacts storage costs by 40–60% for mature repositories.
Azure DevOps vs GitHub: The Migration Decision
Microsoft's long-term strategic direction is clearly GitHub — GitHub Actions for CI/CD, GitHub Repos for source control, GitHub Projects for planning. Azure DevOps continues to receive investment but is broadly in maintenance mode from a feature velocity perspective. The question for enterprise teams is not whether to eventually migrate, but when.
Reasons to Stay on Azure DevOps (for now)
- Azure Boards dependency: If your organisation has invested heavily in Azure Boards — complex sprint configurations, customised work item types, reporting dashboards — the migration cost is non-trivial. GitHub Projects has not yet reached parity with Azure Boards' enterprise configuration depth.
- Azure Test Plans investment: If your QA process relies on Azure Test Plans for manual test case management, there is no equivalent in GitHub. The migration would require a complete test management tool replacement.
- On-premises requirements: Azure DevOps Server (the on-premises variant) serves organisations that cannot use cloud-hosted repositories. GitHub Enterprise Server exists, but the migration from Azure DevOps Server to GHES is a significant engineering effort.
- Integrated Azure deployment pipelines: Complex Azure Pipelines environments with extensive environment gates, approvals, and release management can be difficult to replicate cleanly in GitHub Actions.
Reasons to Migrate to GitHub
- Developer experience and talent: GitHub is the dominant developer community platform. Engineers are more likely to have GitHub familiarity than Azure DevOps fluency. This is a measurable factor in recruitment and onboarding.
- GitHub Copilot integration: GitHub Copilot's deepest integration is with the GitHub platform — pull request summaries, repository-aware chat, code review assistance. These features are not available at equivalent depth in Azure Repos.
- Open source contribution: If your organisation contributes to or consumes open source projects, GitHub is the natural platform. Azure DevOps creates friction in this ecosystem.
- GitHub Actions ecosystem: The GitHub Actions marketplace is substantially larger and more actively maintained than Azure Pipelines task library. New tooling integrations appear in GitHub Actions first, often years before Azure Pipelines equivalents.
Cost Optimisation Priorities
Priority 1: Eliminate Visual Studio Subscription Overlap
Run a report from Azure DevOps showing all users assigned paid Basic licences. Cross-reference against your Visual Studio subscription list. Any user with a Visual Studio Professional or Enterprise subscription does not need a paid Azure DevOps Basic licence — the DevOps access is included. Remove the duplicate Basic licences. This is typically the single highest-value zero-effort optimisation for organisations that have grown their developer headcount over time.
Priority 2: Right-Size Test Plans Licences
Audit who has Basic + Test Plans assigned. Identify users who have not logged into Test Plans in the last 90 days (available from the Azure DevOps usage data). Users who have not actively used Test Plans — running manual test cases, writing test plans, conducting exploratory testing — should be downgraded to Basic ($6) from Basic + Test Plans ($52). The annual saving per unnecessary Test Plans user is $552.
Priority 3: Convert Stakeholders to Stakeholder Access
Identify users assigned Basic who only use Azure Boards — they never touch Repos, Pipelines, or Artifacts. Most project managers, scrum masters, and product owners fall into this category. Stakeholder access provides everything they need at zero cost. Converting 50 Basic users to Stakeholder access saves $3,600 per year — modest at small scale, but material in large organisations.
Priority 4: Self-Hosted Agent Rationalisation
For organisations running 10+ concurrent pipeline jobs, model the cost of self-hosted agents on Azure spot instances or reserved VMs versus Microsoft-hosted parallel jobs. At current pricing, a D2s_v5 Azure VM running as a self-hosted agent ($0.096/hour spot) can handle 8–10 pipeline jobs per day at a fraction of the cost of equivalent Microsoft-hosted parallel job capacity.
Priority 5: Artifacts Retention Policies
Implement retention policies on all feed types. Default to keeping the last 10 versions of each package for feeds where consumers always reference specific versions, or keep packages published in the last 180 days for feeds with rolling consumption patterns. Run the current storage report, implement policies, and re-measure after 30 days to confirm cost reduction.
Optimise Your Azure DevOps Licensing
Most Azure DevOps environments have 20–35% recoverable cost in duplicate licences, unused Test Plans, and oversized agent capacity. We can identify it.
Developer Licensing Audit
Independent audit of your Azure DevOps licensing across all services — user licences, pipeline capacity, Advanced Security, and Artifacts.
Request AuditEA Optimisation Advisory
Include developer tooling — Azure DevOps, GitHub, Visual Studio — in your next EA negotiation for maximum consolidated discount.
Explore AdvisoryDeveloper Licensing Guide
The complete Microsoft developer and DevOps licensing guide — the full stack from GitHub to Visual Studio to Azure MACC.
Read the GuideBottom Line
Azure DevOps licensing is not complex in structure — the challenge is that it accretes waste silently. Visual Studio subscriptions cover DevOps access that nobody has deprovisioned. Test Plans licences were assigned generously and never reviewed. Basic licences were given to project managers who only ever use Boards. The remediation work is straightforward once you run the audit; the audit itself takes an afternoon. The annual saving per 100 users audited is typically £20,000–£40,000 depending on the current licence mix.
Whether you stay on Azure DevOps or migrate to GitHub is a strategic decision that should be driven by engineering value and roadmap alignment, not by licensing cost alone. The licensing cost of both platforms, properly optimised and negotiated into your EA, is broadly comparable. Make the platform decision on capability and developer experience — then optimise the commercial terms around whichever direction you choose.
For the complete developer and DevOps licensing picture, see the Developer & DevOps licensing guide. For GitHub Enterprise licensing in detail, see the GitHub Enterprise guide.