Azure-devops-docs: Authentication using PAT for Azure DevOps GIT Rest API

Created on 11 Apr 2019  Â·  5Comments  Â·  Source: MicrosoftDocs/azure-devops-docs

See https://github.com/MicrosoftDocs/vsts-docs/issues/2455#issuecomment-439503194. I learnt that by using the URL in the form "https://<user>:<PAT>@dev.azure.com/..." I can do a git clone with no extra headers or authentication.
I wanted to do the same thing with the REST API to access Items (See Items Rest API https://docs.microsoft.com/en-us/rest/api/azure/devops/git/items/get?view=azure-devops-rest-5.0).
For example, I want to authenticate the following API call using the above way if possible -
GET https://dev.azure.com/{organization}/{project}/_apis/git/repositories/{repositoryId}/items?path={path}&api-version=5.0

Is it possible, or am I misinformed about this possibility?

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

devops-ecosystetech devopprod
Source
picture nikhilepicor

Most helpful comment

Finally able to find what was happening. When encoding to base64 I was only using the PAT. Instead the format "{username}:{pat}" must be used, which in this case user is empty:

var authToken =  Convert.ToBase64String(Encoding.ASCII.GetBytes($":{accessToken}"));
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", authToken);
picture nuno-barreiro on 29 Apr 2019
👍7

All 5 comments

Similiar issue here when trying to use PAT to authorize the creation of a new release. I'm trying to make a POST to https://vsrm.dev.azure.com/{organizationId}/{projectId}/_apis/Release/releases?api-version=5.0 with the header "Authorization: Basic {BASE64 Encoded Token}" (similiar code as example above). I'm always getting a 203 Non-Authorative response, even after adding full permissions to the PAT in use. Can someone help with this?

nuno-barreiro picture nuno-barreiro on 24 Apr 2019
👍1

Hi @nikhilepicor and @lusocoding, I've engaged one of our experts, @JimsonChalissery , so he should be able to help you shortly. Thank you!

chcomley picture chcomley on 24 Apr 2019

Some tools like Postman apply base64 encoding by default. So if you are trying the APIs via tools like Postman there is no need to apply base64 encoding. Try this and see it that helps.

JimsonChalissery picture JimsonChalissery on 25 Apr 2019

Hi @JimsonChalissery, for me that's not the case. I'm trying to call the REST API either via C# HttpClient or via curl request. Not using any of those tools. I followed the C# example in the documentation and the way the authorization header is being set is exactly the same.

nuno-barreiro picture nuno-barreiro on 25 Apr 2019

Finally able to find what was happening. When encoding to base64 I was only using the PAT. Instead the format "{username}:{pat}" must be used, which in this case user is empty:

var authToken =  Convert.ToBase64String(Encoding.ASCII.GetBytes($":{accessToken}"));
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", authToken);
nuno-barreiro picture nuno-barreiro on 29 Apr 2019
👍7
Was this page helpful?
0 / 5 - 0 ratings

Related issues

robinmanuelthiel picture robinmanuelthiel  Â·  3Comments
EM1L picture EM1L  Â·  3Comments
anlatsko picture anlatsko  Â·  3Comments
letmaik picture letmaik  Â·  3Comments
LennartAJansson picture LennartAJansson  Â·  3Comments