I want to set ACL of Azure DevOps Artifact feed via API,
so I'm following https://docs.microsoft.com/en-us/rest/api/azure/devops/artifacts/feed%20%20management/set%20feed%20permissions?view=azure-devops-rest-5.0
..and my request is:
curl --location --request PATCH 'https://feeds.dev.azure.com/kagarlickij/test/_apis/packaging/Feeds/335ffcb7-d09a-424a-8359-4d912922e422/permissions?api-version=5.0-preview.1' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic O***E=' \
--data-raw '[
{
"role": "administrator",
"identityDescriptor": "Microsoft.IdentityModel.Claims.ClaimsIdentity;[email protected]",
"displayName": null,
"isInheritedRole": false
},
{
"role": "administrator",
"identityDescriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1343567041-101590592-3129239589-3184381367-0-0-0-0-1",
"displayName": null,
"isInheritedRole": true
},
{
"role": "contributor",
"identityDescriptor": "Microsoft.TeamFoundation.ServiceIdentity;7a539633-289b-4efc-ac2e-e475ef28cdc3:Build:c1341550-0e06-4026-ba84-6825bdcdcdb7",
"displayName": null,
"isInheritedRole": false
}
]'
I'm getting expected response:
{
"count": 3,
"value": [
{
"role": "administrator",
"identityDescriptor": "Microsoft.IdentityModel.Claims.ClaimsIdentity;[email protected]",
"displayName": null,
"isInheritedRole": false
},
{
"role": "administrator",
"identityDescriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1343567041-101590592-3129239589-3184381367-0-0-0-0-1",
"displayName": null,
"isInheritedRole": false
},
{
"role": "contributor",
"identityDescriptor": "Microsoft.TeamFoundation.ServiceIdentity;7a539633-289b-4efc-ac2e-e475ef28cdc3:Build:c1341550-0e06-4026-ba84-6825bdcdcdb7",
"displayName": null,
"isInheritedRole": false
}
]
}
But when I'm checking ACL via Azure DevOps UI or API change is not applied (I still have 4 entities):
curl --location --request GET 'https://feeds.dev.azure.com/kagarlickij/_apis/packaging/Feeds/675fc46d-d757-42a9-b3f2-a12aca38057c/permissions?api-version=5.0-preview.1' \
--header 'Authorization: Basic O***E='
{
"count": 4,
"value": [
{
"role": "administrator",
"identityDescriptor": "Microsoft.IdentityModel.Claims.ClaimsIdentity;[email protected]",
"displayName": null,
"isInheritedRole": false
},
{
"role": "administrator",
"identityDescriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1343567041-101590592-3129239589-3184381367-0-0-0-0-1",
"displayName": null,
"isInheritedRole": true
},
{
"role": "contributor",
"identityDescriptor": "Microsoft.TeamFoundation.ServiceIdentity;7a539633-289b-4efc-ac2e-e475ef28cdc3:Build:c1341550-0e06-4026-ba84-6825bdcdcdb7",
"displayName": null,
"isInheritedRole": false
},
{
"role": "reader",
"identityDescriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1343567041-101590592-3129239589-3184381367-0-0-0-0-3",
"displayName": null,
"isInheritedRole": true
}
]
}
Any ideas why it fails and how make it work?