Forum Discussion
How to grant Service Principle access right to Azure Repos
In Azure Pipelines, we need to get source code of another organization's Azure Repos. Currently we use personal access token, but it links to a user who might leave the organization. Can we use a ser...
Thanks.
I encountered the same authentication error when creating Azure Repos Connection with the Service Principle's APP ID and secret.
So it is not workable to use Service Principle to access another organization's Azure Repository.
I encountered the same authentication error when creating Azure Repos Connection with the Service Principle's APP ID and secret.
So it is not workable to use Service Principle to access another organization's Azure Repository.
It is possible to use a service principal to access another organization's Azure Repositories, but it requires some additional steps to grant the necessary permissions.
First, you will need to ensure that the service principal has been granted access to the Azure DevOps organization where the repositories are located. This can be done by adding the service principal as a member of the Azure DevOps organization, and granting it the appropriate permissions.
Next, you will need to grant the service principal access to the specific Azure Repositories that you want to access. This can be done by going to the Azure Repositories security settings and adding the service principal as a contributor or a reader, depending on the level of access you require.
Once the service principal has been granted access to the Azure DevOps organization and the Azure Repositories, you can use its App ID and secret to authenticate your connection.
First, you will need to ensure that the service principal has been granted access to the Azure DevOps organization where the repositories are located. This can be done by adding the service principal as a member of the Azure DevOps organization, and granting it the appropriate permissions.
Next, you will need to grant the service principal access to the specific Azure Repositories that you want to access. This can be done by going to the Azure Repositories security settings and adding the service principal as a contributor or a reader, depending on the level of access you require.
Once the service principal has been granted access to the Azure DevOps organization and the Azure Repositories, you can use its App ID and secret to authenticate your connection.
Have added the service principle to the organization
Have granted the service principle "Project Reader" Role for the project
Have granted read access right to all repositories of the project.
But still got the error message when verify the service connection
- Kindly type error message over here
- Error Message when verify the service connection:
Failed to query service connection API: 'https://email address removed for privacy reasons/xxx/xxx/_git/xxxx/_apis/projects'. Status Code: 'Unauthorized', Response from server: ''
