how to know if I can contribute to a branch with Azure rest Api?

Question

with Azure Devops REST API, I would like to know if I have the permission to contribute to a specific branch, I found the request to know if I have a permission but it only work on a repos, but not on a branch...

If its not possible to get a permission for a specific branch, I would like to get the role of the user, for exemple I could make a role with the permission I want, and ask if the user has this role.

I tried this :

GET https://dev.azure.com/{organization}/_apis/permissions/2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87/4?tokens=repoV2/{idProject}/{idRepos}/refs/heads/{Branch}&api-version=7.0

2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87/4 is the permission "contribute", this requests works but it ignores the refs/heads/Branch part, without this part the request returns the same : the repos permission and not the branch permissions. But we can manage branch permissions with Azure Devops.

Maybe the token is wrong written, but I didnt found any example of what it has to look like in the Microsoft documentation.

Answer 1

Actually you are checking in correct way, the rest api works on my side:

https://dev.azure.com/{organization}/_apis/permissions/2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87/4?tokens=repoV2/{idProject}/{idRepos}/refs/heads/{Branch}&api-version=7.0

Please double check the token format repoV2/{idProject}/{idRepos}/refs/heads/{Branch}, for the {branch} name, please don't use real branch name like main, test, but should be id.

You can get the token from rest api Access Control Lists - Query, notice branch id:

https://dev.azure.com/{org}/_apis/accesscontrollists/2e9eb7ed-3c0a-47d4-87c1-0ffdd275fd87?api-version=7.1-preview.1

Actually, you can find the deny:4 for the target user which means it doesn't have contribute permission on the branch.

Also in permission rest api above(id for branch name), it also returns false correctly.