Getting OAuth tokens for Azure DevOps API consumption

2
votes

I have a web app written in Angular 7. I'm trying to consume Azure DevOps APIs and I understand that I have to setup an Azure Active Directory App. I have tried few libraries like adal-angular msal-angular and wrappers like microsoft-adal-angular6. Followed their documentations and samples. I can successfully access the User's name, emails and a token. I can use the token for Microsoft Graph apis but not for Azure DevOps apis. I tried using this token as a Authentication Bearer for my HttpClient however I'm getting Status Code 203.

Then I found this answer and I think this is the missing part that I need but its for dotNet.

The API Im cosuming: https://app.vssps.visualstudio.com/_apis/accounts

Q:

  1. What is the token Im getting?
  2. How can I get the appropriate token using Angular 7?
  3. What libraries do I need?
1
angularazureazure-devopsazure-active-directoryangular7
In the answer you linked, Philippe mentions the resource id is "499b84ac-1321-427f-aa17-267ca6975798". If you use MSAL, you can then ask for a token with scope: "499b84ac-1321-427f-aa17-267ca6975798/.default".juunas
@juunas yep I also tried that however im still getting 203. user not consented. I checked my AAD app and I have already added Visual Studio Team Services with user_impersonation scope.Hexxed
@juunas I got it working now! I used MSAL. I tried plugging the "499b84ac-1321-427f-aa17-267ca6975798/.default" in the acquireToken methods. ThanksHexxed

1 Answers

2
votes

I used @azure/msal-angular. I got the azure dev ops token using acquireTokenSilent(['499b84ac-1321-427f-aa17-267ca6975798/.default']). If it fails, I used the acquireTokenRedirect(['499b84ac-1321-427f-aa17-267ca6975798/.default'])

access token can be retrieved via getCachedTokenInternal([499b84ac-1321-427f-aa17-267ca6975798/.default])