Get Azure AD access token from VSTS?

1
votes

I have some unit tests (JavaScript) which will be triggered to run from VSTS. The tests would test some web api endpoints which are hosted in Azure with Azure AD authentication configured on the web api webapp.

Can anyone recommend the best approach for authenticating against Azure AD where the client (JS code in VSTS) needs to perform a non-interactive authentication against an Azure AD webapp (not native app) to obtain an access token?

Is there a way to obtain an access token this way (without passing credentials in query string params in requests towards the Azure token endpoint which I appreciate would work, but far from ideal)?

2
azureazure-devopsazure-active-directoryaccess-tokenadal

2 Answers

0
votes

You can use an Azure service principal.

0
votes

Refer to this article to use Azure service principal in JS: Using the service principal

const Azure = require('azure');
const MsRest = require('ms-rest-azure');

MsRest.loginWithServicePrincipalSecret(
  <clientId or appId>,
  <secret or password>,
  <domain or tenant>,
  (err, credentials) => {
    if (err) throw err

    let storageClient = Azure.createARMStorageManagementClient(credentials, '<azure-subscription-id>');

    // ..use the client instance to manage service resources.
  }
);