Azure devops rest api bearer token

0
votes

i have some problems trying to use a bearer token when calling a rest api.

I tried two methods with the same result:

Method 1

I created an app registration in the azure portal, and gave it permissions to use devops api with user impersonation.

Method 2

I created an app in https://app.vsaex.visualstudio.com/ and gave it project/teams management permission.

Code

For my code, i used this (works when i use PAT to authenticate)

import requests
ADOtoken = 'obtained by microsoft example'
org = 'myorg'
projectName = 'test'
headers = {"Authorization": f"Bearer {ADOtoken}"}
requesturl = f"https://dev.azure.com/{org}/_apis/projects?api-version=6.0"
data  = {
                "name": projectName,
                "description": "description is requred",
                "capabilities": {
                    "versioncontrol": {
                    "sourceControlType": "Git"
                    },
                    "processTemplate": {
                    "templateTypeId": "6b724908-ef14-45cf-84f8-768b5384da45"
                    }
                }
            }
r = requests.post(requesturl, json = data, headers=headers)

Getting the token

I get the token by using this example: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-python-webapp

I changed the scope to ['https://app.vssps.visualstudio.com/user_impersonation']

expected result

I expected to get an error to debug, or the project to be created

actual result

I get a 203 (redirect) and content is the azure devops login site

1
azurerestazure-devops
If my reply is helpful, please accept it as answer(click on the mark option beside the reply to toggle it from greyed out to fill in.), see meta.stackexchange.com/questions/5234/…Jason Pan

1 Answers

0
votes

Generate bearer token to invoke devops api, it works for me.

Add api permission on portal.

enter image description here

My test code:

import requests
import json

# get beartoken
beartoken=''

client_id = '<your_clientid>'
client_secret = '<your_secret>'
aadTenantDomain='<your_aadTenantDomain_like_microsoft.onmicrosoft.com>'
token_url = 'https://login.microsoftonline.com/'+aadTenantDomain+'/oauth2/token'
token_data = {
    'grant_type': 'client_credentials',
    'client_id': client_id,
    'client_secret': client_secret,
    'resource':'https://app.vssps.visualstudio.com/',
}
token_r = requests.get(token_url, data=token_data)
d = json.loads(token_r.text)
beartoken= d['access_token']
print(beartoken)

# request devops api for test

url='https://dev.azure.com/jasonp2deploy/deployappwithvirtualapp/_apis/build/builds?api-version=5.0'
body = "{\"previewRun\":false,\"stageToSkip=\": [],\"resources\": [], \"templateParameters\": [], \"variables\": []}"

headers = {
    'Authorization' : 'Bearer '+beartoken
}

r = requests.get(url, data=json.dumps(body), headers=headers)
print(r.status_code)

My test result:

enter image description here

Method 2

If you also want to use pat, you can refer my answer in below post.

How to solve azure devop api Object Moved result in python