cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to receive azure devops session token via API?

evaalemftech
Copper Contributor

‎Jan 30 2023 04:11 AM - last edited on ‎Mar 05 2024 02:21 PM by

‎Jan 30 2023 04:11 AM - last edited on ‎Mar 05 2024 02:21 PM by

How to receive azure devops session token via API?

Hello,

Currently I'm testing an extension we're using for our azure devops team & the extension requires session token as a payload to get necessary information. While inspecting network and http calls I've noticed that an endpoint with url: https://dev.azure.com/{Organization}/_apis/WebPlatformAuth/SessionToken returns the session token that I need however I'm unable to figure out how to get it via api.  The requires payload looks like this:

{
    "appId": {appId},
    "name": null,
    "token": null,
    "force": null,
    "tokenType": 0
}

 

However after setting the appId value & adding PAT as authentification method to an endpoint returns this result:

{
    "$id": "1",
    "innerException": null,
    "message": "AccessDenied",
    "typeName": "Microsoft.VisualStudio.Services.DelegatedAuthorization.SessionTokenCreateException, Microsoft.VisualStudio.Services.WebApi",
    "typeKey": "SessionTokenCreateException",
    "errorCode": 0,
    "eventId": 3000
}


Anyone has any experience or knowledge how I could receive a session token for myself via API ? Appreciate the help in advance !

Labels:
2,194 Views
0 Likes
1 Reply
Reply
1 Reply
2MuchC0ff33

‎Feb 01 2023 10:02 PM

‎Feb 01 2023 10:02 PM

Re: How to receive azure devops session token via API?

Thank you for your questions,@evaalemftech

A POST request to the "https://dev.azure.com/Organization/ APIs/WebPlatformAuth/SessionToken" endpoint will return the Azure DevOps session token.

 

To make the request, include a JSON payload with the "appId" value and an authentication method, typically a Personal Access Token (PAT). Here's an example of a request that could be made with CURL:

curl -X POST \
  https://dev.azure.com/{Organization}/_apis/WebPlatformAuth/SessionToken \
  -H 'Authorization: Bearer {PAT}' \
  -H 'Content-Type: application/json' \
  -d '{
    "appId": "{appId}",
    "name": null,
    "token": null,
    "force": null,
    "tokenType": 0
}'

The appId is a string that identifies the app making the request, and the PAT is the authentication token.

If you receive an "Access denied" error, the PAT you are using might lack the necessary permissions to retrieve the session token.

 

For more information on the required permissions, see https://docs.microsoft.com/en-us/azure/devops/authentication/permission-scopes?view=azure-devops.

0 Likes
Reply