Personal Access Token Permissions and User Roles for Azure DevOps

Certain personal access token permissions and user roles are required to perform backups and restores for Azure DevOps.

Backups

Context	Personal access token permissions	User roles (member of the organization)
All contexts	Read permissions at the Code scope level	User must have the Project Readers role at the Project level

Context	Personal access token permissions	User roles (member of the organization)
If the destination project does not exist	Read, Write, and Manage permissions at the Project and Team scope level Read, Write, and Manage permissions at the Code scope level	User must have the Create New Projects permissions enabled User will be set as the Project Administrator for the project created by the restore operation.
If the destination project exists, but the repository does not exist	Read, Write, and Manage permissions at the Code scope level	User must have the Project Administrator role for the destination project
If the destination project and repository exists	Read and Write permissions at the Code scope level	User must have the Project Contributor role for the destination project