how to generate a bearer token for Azure api, with microsoft api
I already managed to get a bearer token with Az cli, but I would like to find another way. I got a bearer token with a request POST to microsoft oauth2 api, but this token doesn't work.
At first, I tried the following request on postman :
Then, I got this token from the request :
I passed this token in the Authorization header for the request : https://dev.azure.com/{organization}/{project}/_apis/git/repositories?api-version=7.0.
The request doest work, with error 401 Unauthorized, and with the message "TF401444: Please sign-in at least once as xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in a web browser to enable access to the service."
Initially, I too got same error when I ran Azure DevOps API call using token generated with wrong resource value like this:
GET https://dev.azure.com/{organization}/{project}/_apis/git/repositories?api-version=7.0
Response:
To resolve the error, you need to change resource value to 499b84ac-1321-427f-aa17-267ca6975798
In my case, I registered one Azure AD application and added it as user in Azure DevOps organization like this:
Now, I generated access token with resource value as 499b84ac-1321-427f-aa17-267ca6975798 via Postman as below:
POST https://login.microsoftonline.com/tenantId/oauth2/token
grant_type:client_credentials
client_id:appId
client_secret:secret
resource:499b84ac-1321-427f-aa17-267ca6975798
Response:
When I used above token to call Azure DevOps REST API, I got the response successfully with project details as below:
GET https://dev.azure.com/{organization}/{project}/_apis/git/repositories?api-version=7.0
Response:
- Azure PowerShell command to list all Azure VM SKU Sizes enabled for Confidential Computing Azure ACC
- Create Azure TimerTrigger Durable Function in python
- Azure File Share: Cannot map network drive
- RBAC with bicep
- ADF expression to convert array to comma separated string
- How to get status of Azure machine learning service pipeline run using Rest Api?
- How do I deploy a Nuxt 3 solution to an Azure Node Web App
- Azure Blob Upload not working in ASP .Net Core Application
- How to clear a Cosmos DB database or delete all items using Azure portal
- Using script commands, how to add multiple scale rules to an Azure Container App?
- User Assigned Managed Identity: No User Assigned or Delegated Managed Identity found for specified ClientId/ResourceId/PrincipalId
- Generate resources dynamically from another group of dynamically generated resources in Terraform
- Column reordering in ADF
- Logic App AuthorizationFailure - vnet integration needed
- Azure blob, controlling filename on download
- Azure VNet peering with Private Link
- Get Private FQDNs, IPs, Names of the Private Endpoints for the Azure resources deployed in an Virtual Network using PowerShell Script
- How to configure appsettings on a auto-generated preview environment
- Using Azure DevOps, how do I migrate a release pipeline to code, similar to build pipeline yml?
- Root login Ubuntu VM on Azure
- Filtering azure devops release build based upon build tag with "Continuous deployment trigger"
- Azure WebApp autoscale
- How to handle long startup times in Azure App Service deployment
- Frontend not available when front and back on same Web App Azure
- Use Salesforce Connectors from Hosted Azure Logic App in VSCode?
- What is considered an ingestion request in Azure Data Explorer?
- Provisioning (SCIM) by Entra/Azure: Why can I not select the "groups" attribute in my attribute mapping?
- Azure function verbose trace logging to Application Insights
- Azure function app GraphServiceClient create list
- Cypress tests fail to run in parallel mode due to mismatched specs between different runs