In Azure DevOps organizations that are connected to Microsoft Entra, you may spot (duplicated) users with email prefixed with OIDCONFLICT_UpnReuse_{OID_HERE} (i.e. when trying to give them access or when mentioning them):
Such users are neither visible in the Azure DevOps Web UI under Organization settings > General > Users nor when querying all users via graph or via the Azure DevOps CLI.
A Microsoft learn community thread about this topic can be found here
Deleting the Azure DevOps users with OIDCONFLICT_UpnReuse_ prefix usually helps. To clean them all up, I implemented a PowerShell script to remove them via graph API as they can’t be deleted through the Azure DevOps Web UI.
The script can be found in my GitHub repository azure-devops-scripts
Leave a Reply