Currently, using the Azure DevOps Connector inside an Azure Logic App (for updating, say, some work items in Azure DevOps) requires authenticating with a browser session, which by default takes the authentication credentials of the logged-in Azure Portal user.
I would want this to be a different user (with minimal privileges) than the logged-in user, or to be able to control the privileges by supplying a PAT with limited scope.
How do I provision this, since it seems to only provide an option for the logged-in flow? Even trying to change authentication picks up the logged-in user details by default due to single sign-on. I am not even seeing any option to edit the connected user details other than the display name.
Any suggestions or pointers are appreciated.
You can add an HTTP step in your Azure Logic App to call the Azure DevOps REST API. For the example below, call the update work item REST API in the HTTP step.
PATCH https://dev.azure.com/{organization}/{project}/_apis/wit/workitems/{id}?api-version=5.1
Click Add Step in your Logic App, search for and choose HTTP.
Then select the Method, type in the API URL, set the Authorization in Headers, and set the request Body.
You need to convert your PAT to a Base64 string; you can refer to the PowerShell script below to convert the PAT to a Basic Base64 string.
[System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($PAT)"))
Then add Basic before the converted Base64 string in the Authorization header (e.g. Authorization: Basic ==Base64string==).
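The request that the HTTP step sends, written out as a PowerShell script so a limited-scope PAT can be checked before its value goes into the Logic App. This is an added example, not part of the original answer; the function name, the AZDO_PAT environment variable and the sample organization, project, work item ID and title are assumptions.

```powershell
# Added example. New-AdoWorkItemPatchRequest and AZDO_PAT are hypothetical names.
function New-AdoWorkItemPatchRequest {
    param(
        [Parameter(Mandatory)][string]$Organization,
        [Parameter(Mandatory)][string]$Project,
        [Parameter(Mandatory)][int]$Id,
        [Parameter(Mandatory)][string]$Pat,
        [Parameter(Mandatory)][string]$Title
    )
    # Basic auth with an empty user name: base64(":<PAT>"), as in the one-liner above.
    $token = [System.Convert]::ToBase64String(
        [System.Text.Encoding]::ASCII.GetBytes(":$($Pat)"))

    # The work item update API takes a JSON Patch document (an array of operations).
    $ops = @(
        @{ op = 'add'; path = '/fields/System.Title'; value = $Title }
    )

    # Same four parts the HTTP step asks for: Method, URL, Headers, Body.
    @{
        Method      = 'Patch'
        Uri         = "https://dev.azure.com/$Organization/$Project/_apis/wit/workitems/$($Id)?api-version=5.1"
        Headers     = @{ Authorization = "Basic $token" }
        ContentType = 'application/json-patch+json'
        Body        = ConvertTo-Json -InputObject $ops -Compress
    }
}

# The PAT is read from the environment so it never appears in the script or history.
if (-not $env:AZDO_PAT) { throw 'Set AZDO_PAT to the limited-scope PAT first.' }

# Constructed sample values: replace with your own organization, project and ID.
$request = New-AdoWorkItemPatchRequest -Organization 'example-org' `
    -Project 'ExampleProject' -Id 1 -Pat $env:AZDO_PAT -Title 'Updated from script'

try {
    $item = Invoke-RestMethod @request
    "Updated work item $($item.id), revision $($item.rev)"
} catch {
    # An authentication or authorization failure here points at the PAT itself
    # (invalid, expired, or scoped too narrowly for work item writes).
    "Request failed: $($_.Exception.Message)"
}
```

In the Logic App, the same values go into the HTTP step, with Content-Type set to application/json-patch+json alongside the Authorization header.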