Luukv93
Reputation: 349
Token authentication (instead of PAT token) to Azure DevOps REST API via Azure DevOps Pipeline
I need to use the Azure DevOps Rest API in an Azure DevOps Pipeline. I know it's possible to connect through a PAT token, but there should be a way to use service principal to connect to Azure?
What do I have to change to obtain a bearer token when I run below's code in an Azure DevOps Pipeline?
Connect-AzAccount -WarningAction 'SilentlyContinue' | Out-Null
$Token = (Get-AzAccessToken -ResourceUrl "499b84ac-1321-427f-aa17-267ca6975798").Token # Resource url is for Azure DevOps REST API source: https://stackoverflow.com/questions/69996528/authenticate-azure-devops-api-call-without-using-a-pat
$AzureDevOpsAuthenticationHeader = @{Authorization = 'Bearer ' + $Token }
Upvotes: 1
Views: 2244
Answers (1)
Delliganesh Sevanesan
Reputation: 4776
As per the MS DOC Currently, it is not possible. Azure DevOps API doesn't support non-interactive service access via service principals.
There is no access control of service principal in Azure DevOps.
Non- interactive ways follows
- PAT (Most Recommended way)
- Azure AD ROPC flow (Not recommended because while request we have expose the username and password)
Refer here for more information
Upvotes: 2
Related Questions
- Powershell Invoke-RestMethod not authenticated with PAT for Azure DevOps
- How to use Service Principal Authentication (Bearer Token) in Powershell for DevOps without being asked to sign in?
- Azure devops rest api bearer token
- Execute RestAPI Azure DevOps Services - Authentication with username & Password no PAT
- Authenticate Azure Devops Api call without using a PAT?
- need to add authentication header to azure devops api request
- Add SSH key to Azure DevOps pipeline user via DevOps Rest API
- Authenticate powershell script using AccessToken
- Unable to authenticate against Azure DevOps _apis/distributedtask/variablegroups using PAT
- Authenticate Azure Pipelines Powershell task against Azure DevOps Rest API