C
C#2y ago
JustiPhi

❔ Azure DevOps API Authentication issue (Managed Identity)

I am currently trying to add authentication to Azure managed Identity using Azure.Identity and Azure.Core in the following code: 
var azureCredential = new DefaultAzureCredential();
var context = new TokenRequestContext(new string[] { $"{DevOpsURL}/.default" });
var token = await azureCredential.GetTokenAsync(context);

return token.Token;
var azureCredential = new DefaultAzureCredential();
var context = new TokenRequestContext(new string[] { $"{DevOpsURL}/.default" });
var token = await azureCredential.GetTokenAsync(context);

return token.Token;
I successfully get the token but when I try to use it in a bearer token auth header to get projects from 
$"{DevOpsURL}/_apis/projects?api-version=7.0";
$"{DevOpsURL}/_apis/projects?api-version=7.0";
I get the following error 
TF400813: The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource."
TF400813: The user 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa' is not authorized to access this resource."
is there anything im missing as using a PAT (basic token auth header) from my own account works with the same fetch but using the managed identity one seems to not associate with an account the app is running through azure app services and it is a system managed identity Thanks
20 Replies
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Henkypenky
Henkypenky2y ago
seems like it's not available yet
Henkypenky
Henkypenky2y ago
Henkypenky
Henkypenky2y ago
public preview is also sometimes public gated preview, you may need to send an email and they do some tweaks behind the scenes to fix it for you
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Henkypenky
Henkypenky2y ago
oh yeah that's probably it
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Henkypenky
Henkypenky2y ago
paging justiphi, pagin justiphi
JustiPhi
JustiPhiOP2y ago
Sorry had a busy afternoon
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
JustiPhi
JustiPhiOP2y ago
I feel like that's kinda weird because I am able to get a token, though I understand it may be a thing to contact Microsoft about, failing this what would be the best way to authenticate, the goal is to have a secure method I can use that won't cause me to have to regenerate a token every few months
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
JustiPhi
JustiPhiOP2y ago
So maybe if I increase the version of the devops call that could fix it?
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
MODiX
MODiX2y ago
JustiPhi
JustiPhiOP2y ago
Think I'm understanding a bit better now Will talk to the azure services admin at work tomorrow (11:40pm is probably a bit late to contact him lol)
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
JustiPhi
JustiPhiOP2y ago
I assume youre meaning using a PAT?
Unknown User
Unknown User2y ago
Message Not Public
Sign In & Join Server To View
Accord
Accord2y ago
Was this issue resolved? If so, run /close - otherwise I will mark this as stale and this post will be archived until there is new activity.
Want results from more Discord servers?
Add your server