How to find Audience field for Active Directory OAuth Authentication? (How to send a post request to DevOps from Azure Logic App?)

问题

Please help me with this problem.

I'm trying to send a post request from Azure Logic App to the DevOps to create a release. I created an http action in my Logic App, This is the uri for creating a release: https://vsrm.dev.azure.com/{organization}/{project}/_apis/release/releases?api-version=5.0

I'm using Active Directory OAuth for authentication, which I need to provide tenant, client id, audience and secret.

I'm using tenant, client id and secret of my application in Azure Active Directory, but I'm not sure what to use for audience.

Can some one explain for me how to find this audience field? Do I need to do other things to connect to my DevOps? or define permissions or any other parameters for header?

回答1:

There will be two approaches for getting authenticated.

Use Azure AD Authentication.

The resource for DevOps is a static value: 499b84ac-1321-427f-aa17-267ca6975798. But, as the DevOps REST API can only set with delegated permission.

You need to use password grant flow to get token:

The token you get will be a bearer token.

The other option is to use personal access token. You can create one in DevOps portal.

And then use it as following:

try
{
    var personalaccesstoken = "PAT_FROM_WEBSITE";

    using (HttpClient client = new HttpClient())
    {
        client.DefaultRequestHeaders.Accept.Add(
            new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));

        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
            Convert.ToBase64String(
                System.Text.ASCIIEncoding.ASCII.GetBytes(
                    string.Format("{0}:{1}", "", personalaccesstoken))));

        using (HttpResponseMessage response = await client.GetAsync(
                    "https://dev.azure.com/{organization}/_apis/projects"))
        {
            response.EnsureSuccessStatusCode();
            string responseBody = await response.Content.ReadAsStringAsync();
            Console.WriteLine(responseBody);
        }
    }
}
catch (Exception ex)
{
    Console.WriteLine(ex.ToString());
}

Token you get in this way is a basic token.

来源：https://stackoverflow.com/questions/57152558/how-to-find-audience-field-for-active-directory-oauth-authentication-how-to-se

标签

azure

authentication

azure-active-directory

azure-logic-apps

azure-devops-rest-api