Forum Discussion

Ahoeck's avatar
Ahoeck
Copper Contributor
Mar 15, 2024

Authenticate Azure Repositories in Pipelines

Hi,

 

I'm trying to use Julia's LocalRegistry with Azure DevOps.

LocalRegistry is basically a Git Repository with references to other Git repositories.

 

In Azure DevOps I can checkout additional repositories using the following syntax: 

 

resources:
 repositories:
 - repository: ProjectA
   type: git
   name: ProjectA/GitA
(...)
- checkout: ProjectA

 

 

However, Julia's LocalRegistry just uses the direct git repo URL and uses an internal git manager to pull the repo and find references. So, per design, I don't use the checkout-feature from DevOps but let Julia clone the Git repo internally.

For this step, I can just put a PAT (and here, the SystemAccessToken is not working for me?), put it in the Git-Repo URL and use this for the LocalRegistry.

 

However, I can't include a PAT into the Git-URL-References on the Registry Repo. Thus, Julias LocalRegistry can successfully obtain a copy of the current index, but it fails when it comes to actually pull other projects using the Package Manager with the following error message: 

 

 error: GitError(Code:EUSER, Class:Callback, Aborting, user cancelled credential request.)

 

 

What could I do here? How can I add the required credentials? 

2 Replies

Sort By
  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Jul 18, 2025

    You may try:

     

    1. Use Git Global Config with PAT

    You can configure Git globally to rewrite Azure DevOps URLs to include your PAT automatically:

    git config --global url."https://<PAT>@dev.azure.com/".insteadOf "https://dev.azure.com/"

    This forces Git to use your PAT whenever Julia tries to clone a repo from Azure DevOps. 

     

    1. Use Git Credential Manager

    Install and configure Git Credential Manager to securely store and inject credentials. 

     

    1. Switch to Microsoft Entra OAuth Tokens

    If you want a more secure and modern approach, you can use Microsoft Entra tokens (formerly Azure AD) with Git:

    az login
az account get-access-token --resource 499b84ac-1321-427f-aa17-267ca6975798 --query "accessToken" --output tsv

    Then inject the token into Git using:

    git -c http.extraheader="AUTHORIZATION: bearer <accessToken>" clone https://dev.azure.com/yourOrg/yourProject/_git/yourRepo

    This method is more secure than embedding PATs in URLs.

     

    1. Use a Dedicated Service Account

    Create a service account in Azure AD specifically for DevOps automation. Generate a PAT under that account and use it in your Git config. This avoids tying automation to a personal account that might expire or be deleted.

    • Ahoeck's avatar
      Ahoeck
      Copper Contributor
      Jul 18, 2025

      Thank you for this perfect answer.


      Actually, the Git GCM works perfectly fine with julia.

Resources