No standing access
ADO Pilot holds no PAT for your repositories and needs no standing service-principal grant to them. There's no standing access on our side to leak, misuse, or subpoena.
Just-in-Time Code Access removes ADO Pilot's standing access entirely — no stored PAT, no standing service-principal grant to your repositories. Your own pipeline streams the diff and answers the model's file reads over an authenticated WebSocket; ADO Pilot brokers the review to Anthropic in real time and, by design, keeps nothing at rest.
// THE PROBLEM
Most review tools — ours included, by default — need standing access that can read your repositories: a stored PAT, or a service-principal grant your directory hands the vendor. Either way it's a permanent line into your source — a token that can be leaked, or an authorization that can be misused or compelled — and it's the first thing a security review flags. JIT Code Access removes it.
With Just-in-Time Code Access there is no standing access to your source on our side — so there's nothing to add to the risk register, no authorization to misuse, and nothing an attacker or a subpoena could use to reach your code through us.
// WHAT YOU GET
ADO Pilot holds no PAT for your repositories and needs no standing service-principal grant to them. There's no standing access on our side to leak, misuse, or subpoena.
A pipeline you own and maintain performs the checkout, inside your own Azure DevOps environment. The source never sits at rest on our side.
ADO Pilot brokers the review as a real-time proxy to Anthropic. By design, nothing is cached, written to disk, or persisted — your code exists only in-flight, then it's gone.
Because the pipeline is yours, you decide when — and whether — a review ever runs. Revoke access by changing your own pipeline, not by filing a ticket with us.
Shrinks third-party blast radius to near zero and gives your vendor-risk and data-residency assessments a much shorter checklist.
You get an ADO Pilot review delivered the way you already expect — inline comments and a status check on the PR. What changes is the path your code takes to the model, not where the results land.
// HOW IT WORKS
Your pipeline dials out to ADO Pilot over a single authenticated WebSocket and answers the model's requests in real time. ADO Pilot only ever brokers the bytes — it keeps none of them.
A pull request is opened or updated, and a pipeline you own and maintain triggers on that event — checking out the repo right inside your Azure DevOps environment. Nothing on our side has the access to start it.
Your pipeline dials out to ADO Pilot over an authenticated WebSocket and transmits the PR diff. You initiate the connection, and it stays open only for this review.
The instant the diff arrives, ADO Pilot relays the review to Anthropic — held in memory for milliseconds, never written to disk, never stored. in-memory only · nothing at rest.
Anthropic sends tool calls back to ADO Pilot, which proxies each one down the same WebSocket to your pipeline task. Your task reads exactly what was requested and streams it back — search, read, analyze, repeat. every byte proxied, none retained.
Inline comments and the status check land on your PR. The WebSocket closes, and every byte that passed through is already gone. retained: 0 bytes.
// STANDARD vs. JIT
Standard ADO Pilot is built for fast setup and never clones or indexes your source tree. JIT Code Access goes further for teams that can't grant any standing access at all.
| Standard ADO Pilot | JIT Code Access — add-on | |
|---|---|---|
| Repository access | Standing PAT or service principal | None — no standing credential exists |
| How the code is read | ADO Pilot reads the PR diff via its credential | Your pipeline serves the diff and the model's file reads over a live WebSocket; ADO Pilot never touches your repo |
| Where the checkout happens | No clone — diff only, from a service hook | Your environment, your pipeline |
| Your code on our side | Diff held in encrypted, access-controlled temporary storage for the review, then deleted | Nothing at rest — brokered in real time, never persisted |
| Who controls the trigger | Our service hook, on PR events | You, via your own pipeline |
| Ideal for | Most teams — fastest setup, zero pipeline changes | Regulated & security-first Enterprise |
// AVAILABILITY
JIT Code Access is an add-on to the Enterprise plan, and we're onboarding design partners now. Setup and pricing are scoped to your environment. Tell us about your requirements and we'll walk you through the architecture and a pilot.
// GOING FURTHER
If a real-time proxy still isn't enough isolation — you need ADO Pilot running entirely inside your own network, or fully air-gapped with no egress to us at all — that's a conversation we want to have. Reach out and we'll scope your requirements with you.