Azure Devops REST API authentication failing when using Azure Active Directory
I am using the adal4j Java library to authenticate Azure DevOps REST API calls through Azure Active Directory. I am able to authenticate using Personal Access Tokens but not using Active directory. This is the code I have been running:
AuthenticationResult result = null;
ExecutorService service = null;
try {
service = Executors.newFixedThreadPool(1);
AuthenticationContext context = new AuthenticationContext("https://login.microsoftonline.com/" + tenantId + "/", false, service);
if (clientId != null && clientKey != null) {
ClientCredential credentials = new ClientCredential(clientId, clientKey);
Future<AuthenticationResult> future = context.acquireToken("499b84ac-1321-427f-aa17-267ca6975798", credentials, null);
result = future.get();
}
} finally {
if (service != null) {
service.shutdown();
}
}
I get the following error:
StatusCode: 203, ReasonPhrase: 'Non-Authoritative Information'
It tries to redirect to this sign-in page:
https://spsprodsin1.vssps.visualstudio.com/_signin?realm=...
I have already connected to Azure Active Directory from the Azure DevOps organization setting with the correct directory/tenant. And I have also added Azure DevOps user_impersonation permissions (delegated) in the app registration.
What I am doing wrong here and how can I fix the problem?
user_impersonation means that this API can only be called with user permission. However, you get the token with client credential which only has application permission.
To get a token for a user, you can try the following codes:
public static AuthenticationResult GetToeknWithPasswordForDevOps(String username, String password){
ExecutorService service = Executors.newFixedThreadPool(1);
AuthenticationContext context = null;
AuthenticationResult result = null;
try {
context = new AuthenticationContext(AUTHORITY, true, service);
Future<AuthenticationResult> future = context.acquireToken("499b84ac-1321-427f-aa17-267ca6975798", "{your publuc app client id}", username, password, null);
result = future.get();
} catch (InterruptedException e) {
e.printStackTrace();
} catch (ExecutionException e) {
e.printStackTrace();
} catch (MalformedURLException e) {
e.printStackTrace();
} finally {
service.shutdown();
}
return result;
}
- Listing the Tables in the Storage Account using ADF Web Activity is failed with an authorization error
- Terraform with Azure Key Vault to get secret value
- No value provided for parameter `container_name` in the Get Metadata1 activity
- Pagination with oauth azure data factory
- Using Managed Identity to connect to a queue from a WebJob
- How to integrate GPT-4 model hosted on Azure with the gptstudio package?
- Azure - Virtual network Gateway vs VPN gateways
- Azure CLI won't login on MacOS
- Replicating Azure SQL DB and blob storage in multi region setup
- Reading Azure Entra ID Diagnostic Settings
- Azure Traffic Manager Endpoint: The following locations specified in the geoMapping property for endpoint are not supported
- Assign specific agent on Azure DevOps YAML Pipelines
- GetBlob request is failing, when PutBlob and ListBlob are successfull
- Scheduled alert rule created in Terraform doesn't work
- New NIC with public IP has no internet connection, while existing NIC works fine
- BlobClient#generateSasUrl automatically %-encode blob path
- How to do copy of all the containers without explicitly mentioning in the array between two different storage accounts
- Azure Application Gateway WAF with False Positive on SQL Injection
- Application ID URI Throwing Error in Azure AD App Registration using Terraform
- Is it possible to use email name other than "DoNotReply" in Azure Email Communication Services?
- installing an SSL on Azure ubuntu web server
- How do I add a Spring Initializr dependency (eg Microsoft Azure) after the project is created?
- NvidiaGpuDriverLinux fails to install on NC6 instance
- How to get client secret expiry date using the azure AD graph API
- Can't get OneNote data using graph api from microsoft
- Adding Custom Python library in Azure Synapse
- Cannot run .NET Core application on Linux in Azure App Services with linuxFxVersion: 'DOTNETCORE:8.0'
- Unable to connect from Azure data factory to postgres flexible server using private endpoint
- Microsoft graph return "access token is empty"
- How to use empty disk spaces under /dev/sdb1 on Azure?