Documentation Index
Fetch the complete documentation index at: https://docs.kodus.io/llms.txt
Use this file to discover all available pages before exploring further.
Introduction to the PAT
To enable Kody to perform automatic Code Reviews, you need to generate a Personal Access Token (PAT) in Azure DevOps. This token allows Kody to securely access your repositories and conduct code analysis in a controlled way.Generating the PAT (Personal Access Token)
You can access the PAT settings directly using this link: Azure DevOps PATs. Follow these steps to set up the token correctly:-
Access Azure DevOps and go to your security settings:
- Go to Azure DevOps and sign in.
- Click on your profile picture in the top-right corner.
- Select “Security” from the dropdown.
-
Create a new PAT:
- Under the Personal Access Tokens section, click on “New Token”.
-
Set up the new token with the following specifications:
-
Name: Choose an easily identifiable name, such as
kody_code_review. - Organization: Select your target organization.
- Expiration: Choose an appropriate expiration time (e.g., 90 or 180 days).
-
Scopes: Select the following permissions:
- Analytics: Read
- Code: Read & Write
- Graph: Read
- Identities and Groups: Read
- Project and Team: Read
- User Profile: Read
-
Name: Choose an easily identifiable name, such as
- Click Create.
Write access to Code is required for Kody to post comments and manage pull request feedback.
Adding the Token to Kody
After generating the token, paste it into the Kody automation setup screen. The configuration modal will open automatically when you attempt to enable the automation.Troubleshooting: Kody isn’t reviewing PRs in Azure DevOps
If Kody is connected but nothing happens on new pull requests — no reactions, no comments, no PRs appearing in the Kodus dashboard — the cause is almost always one of three issues, in order of how often we see them.1. Check the PAT scopes
Open the PAT in Azure DevOps and confirm every scope listed under Generating the PAT is enabled. The one most often missed is Code: Read & Write — without Write, Kody can read your repositories but cannot post review comments, so the reviews “run silently”. If the PAT was created before a scope was added, Azure DevOps won’t retroactively add it. Create a new PAT with the full scope list and update it in the Kody automation setup.2. Check the user’s project permissions
A PAT inherits the permissions of the Azure DevOps user who created it. If that user does not have access to the target project, repository, or PR workflow, even a correctly-scoped PAT will be silently rejected by Azure. Verify the PAT owner can, from the web UI:- Open the repository and view pull requests.
- Post a comment on a pull request.
- See the PR’s threads and reactions.
3. As a last resort: add the user to Project Collection Administrators
Some Azure DevOps organizations enforce stricter org-level policies that block even correctly-permissioned users from posting PR comments via a PAT. If steps 1 and 2 look correct but Kody still doesn’t post anything, add the PAT owner to the Project Collection Administrators group:- Open Organization Settings → Permissions (left sidebar).
- Click the Project Collection Administrators group.
- Open the Members tab → click Add.
- Add the user that generated the Kodus PAT.
Still stuck?
If none of the above resolves the issue, the problem is usually on the webhook side rather than the PAT. See Creating a Webhook — particularly the troubleshooting section, which covers the?token= signed-URL requirement that only Azure Repos has.