I'm trying to create a PAT on my Azure Devops Server through the restful API, as described here:
I have access to the PAT creation screen on my Azure Devops Server instance.
I can access any other APIs under my hosted Azure Devops Server instance except the tokens/pats
one that allows me to programmatically create a PAT.
For example, this works fine:
Invoke-WebRequest -Method Get -UseDefaultCredentials -ContentType Application/JSON `
-Uri "$myAzDOServer/_apis/projects?api-version=7.0-preview.1"
Gives me a nice pile of json about my projects.
This does not:
Invoke-WebRequest -Method Post -UseDefaultCredentials -ContentType Application/JSON `
-Uri "$myAzDOServer/_apis/tokens/pats?api-version=7.0-preview.1" `
-Body ([PSCustomObject]@{
displayName = "test_token"
scope = "app_token"
validTo = (Get-Date (Get-Date).AddDays(1) -Format "o")
allOrgs = $false
} | ConvertTo-Json)
It always returns a 403. "The requested operation is not allowed."
Googling around there's some story of needing to use a different token with this particular API, but the exact way to do that with a hosted AzDO Server instance and a hosted AD is very unclear.
edit: I notice I can't view the API documentation for any Azure Devops Server versions, only Azure Devops Services (the cloud version) - https://learn.microsoft.com/en-us/rest/api/azure/devops/tokens/pats/create?view=azure-devops-rest-7.0 - does this mean MS doesn't support this API on hosted Azure Devops Server?
Any help would be appreciated.
I am afraid that the PAT related Rest APIs doesn't support being used in Azure DevOps On-Prem Server.
When we select the Azure DevOps Server version in Rest API doc, it will show the warning: You have been redirected to the newest product version available for this page.
For example:
This means that the Rest API doesn't support being used in Azure DevOps On-Prem Server. It only can be used in Azure DevOps Service.
I can fully understand your requirement. You can submit a suggest ticket in the site: Developer Community to report this feature