I am able to call this end point https://dev.azure.com/${MY_ORG}/${MY_PROJECT}/_apis/build/builds/${BUILD_ID}
just fine using a Personal Access Token to authenticate, while testing the application.
But for the real application I needed to use a Service Principal. I created the Service Principal, created the service connection in my Azure DevOps project, and gave the Service Principal permission for Azure DevOps API. I am able to attain the access token using this end point:
curl -d "grant_type=client_credentials&client_secret=<client_secret>&client_id=<client_id>"
-X POST https://login.microsoftonline.com/<tenant_id>/oauth2/token
But when I use that access token to make the call to DevOps API:
curl -H "Authorization: Bearer ${TOKEN}" https://dev.azure.com/${MY_ORG}/${MY_PROJECT}/_apis/build/builds/${BUILD_ID}
I get this html response instead:
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://spsprodcus3.vssps.visualstudio.com/_signin?realm=dev.azure.com&...>here</a>.</h2>
</body></html>
How is the access token supposed to be used?