User Profile
Jose_Carlos1835
Copper Contributor
Joined 2 years ago
User Widgets
Recent Discussions
Trouble retrieving Authorization Code using Oauth2 in Azure devops
I'm trying use OAuth2 autentication method as microsoft learn expose in this urlhttps://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/azure-devops-oauth?view=azure-devops I attach a postman collection with params of registered app. I notice that response of token endpointhttps://app.vssps.visualstudio.com/oauth2/tokenI need get authorization code from endpointhttps://app.vssps.visualstudio.com/oauth2/authorize,when I send the POST request login page appear, write MFA code and then when it suppossed to get the code a 404 alert screen shown below. These are registered app parameters Attach client_id (application id on page) as client_id header, scopevso.build_execute,state foo and response_type Assertion as documentation mentioned, on oauth protocol official page of o headers labels differ of documentation, as example grant_type must be authorization_code noturn:ietf:params:oauth:grant-type:jwt-bearer (request accept this type) if I change it get the next response: {"Error":"unsupported_grant_type","ErrorDescription":"grant_type must be the ietf jwt-bearer type, refresh_token, or client_credentials"} Whyhttps://app.vssps.visualstudio.com/oauth2/tokendoes not support authorization-code grant type when protocol says it is mandatory?? https://www.oauth.com/oauth2-servers/access-tokens/authorization-code-request/ Anyway main trouble is about retrieve authorization code fromhttps://app.vssps.visualstudio.com/oauth2/authorize?client_id=a7f5fffb-9645-4e14-8b16-7fb1cf37017d&response_type=Assertion&state=foo&scope=vso.build_execute Attach postman collection on this post { "info": { "_postman_id": "0c50a913-7913-4ad0-b180-dc89638dd530", "name": "AZURE", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", "_exporter_id": "21601577" }, "item": [ { "name": "RUN PIPELINE USING OAUTH", "protocolProfileBehavior": { "disableBodyPruning": true }, "request": { "auth": { "type": "oauth2", "oauth2": [ { "key": "client_authentication", "value": "header", "type": "string" }, { "key": "useBrowser", "value": true, "type": "boolean" }, { "key": "authRequestParams", "value": [ { "key": "response_type", "value": "Assertion", "enabled": true, "send_as": "request_url" }, { "key": "state", "value": "state", "enabled": true, "send_as": "request_url" }, { "key": "scope", "value": "vso.build_execute", "enabled": true, "send_as": "request_url" }, { "key": "client_id", "value": "A7F5FFFB-9645-4E14-8B16-7FB1CF37017D", "enabled": true, "send_as": "request_url" }, { "key": "redirect_url", "value": "https://dev.azure.com/jose-carlosnavarro/TESTING/_apis/pipelines/1/runs?api-version=7.1-preview.1", "enabled": false, "send_as": "request_url" }, { "key": "client_secret", "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "enabled": true, "send_as": "request_url" } ], "type": "any" }, { "key": "tokenRequestParams", "value": [ { "key": "client_assertion_type", "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", "enabled": true, "send_as": "request_header" }, { "key": "client_secret", "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "enabled": true, "send_as": "request_header" }, { "key": "grant_type", "value": "client_credentials", "enabled": true, "send_as": "request_header" }, { "key": "assertion", "value": "code", "enabled": false, "send_as": "request_header" }, { "key": "client_id", "value": "a7f5fffb-9645-4e14-8b16-7fb1cf37017d", "enabled": true, "send_as": "request_body" }, { "key": "client_assertion", "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "enabled": true, "send_as": "request_body" } ], "type": "any" }, { "key": "tokenName", "value": "code", "type": "string" }, { "key": "grant_type", "value": "authorization_code", "type": "string" }, { "key": "clientSecret", "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "type": "string" }, { "key": "clientId", "value": "a7f5fffb-9645-4e14-8b16-7fb1cf37017d", "type": "string" }, { "key": "addTokenTo", "value": "header", "type": "string" }, { "key": "authUrl", "value": "https://app.vssps.visualstudio.com/oauth2/authorize", "type": "string" }, { "key": "accessTokenUrl", "value": "https://app.vssps.visualstudio.com/oauth2/token", "type": "string" }, { "key": "state", "value": "user1", "type": "string" }, { "key": "scope", "value": "vso.build_execute", "type": "string" } ] }, "method": "GET", "header": [ { "key": "Authorization", "value": "Bearer {{token}}", "type": "text" } ], "body": { "mode": "urlencoded", "urlencoded": [] }, "url": { "raw": "https://dev.azure.com/jose-carlosnavarro/TESTING/_apis/pipelines/1/runs?api-version=7.1-preview.1", "protocol": "https", "host": [ "dev", "azure", "com" ], "path": [ "jose-carlosnavarro", "TESTING", "_apis", "pipelines", "1", "runs" ], "query": [ { "key": "api-version", "value": "7.1-preview.1" } ] } }, "response": [] }, { "name": "TOKEN ADO", "protocolProfileBehavior": { "disabledSystemHeaders": {} }, "request": { "auth": { "type": "noauth" }, "method": "POST", "header": [ { "key": "assertion", "value": "572247", "type": "text", "disabled": true }, { "key": "client_id", "value": "a7f5fffb-9645-4e14-8b16-7fb1cf37017d", "type": "text", "disabled": true }, { "key": "client_secret", "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "type": "text", "disabled": true }, { "key": "grant_type", "value": "ietf jwt-bearer", "type": "text", "disabled": true } ], "body": { "mode": "urlencoded", "urlencoded": [ { "key": "grant_type", "value": "code", "description": "GRANT TYPE DEFINIDO", "type": "text" }, { "key": "client_id", "value": "a7f5fffb-9645-4e14-8b16-7fb1cf37017d", "type": "text" }, { "key": "client_assertion", "value": "Ing1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "description": "CLIENT SECRET GENERADO AL REGISTRAR LA PALICACION", "type": "text" }, { "key": "assertion", "value": "NV1Ojxy7sz0UTNemw-UFh3efViRpWOZqEVwTBz9YPiPGemcM", "description": "CODIGO QUE DEVUELVE EL REDIRECT URI DE AUTHORIZE ENDPOINT", "type": "text" }, { "key": "client_assertion_type", "value": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", "type": "text" }, { "key": "client_secret", "value": "Ing1dCI6Im9PdmN6NU1fN3AtSGpJS2xGWHo5M3VfVjBabyJ9.eyJjaWQiOiJhN2Y1ZmZmYi05NjQ1LTRlMTQtOGIxNi03ZmIxY2YzNzAxN2QiLCJjc2kiOiIwODlhMWIxMy0xYzk4LTRlNjAtYTAwZi02NjI5ZTAwM2UyYmUiLCJuYW1laWQiOiI0YmVlYTYxMS04YWJlLTRhMTctOGRhMC1hMmJkNTQwOTVhNDYiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiYXBwLnZzdG9rZW4udmlzdWFsc3R1ZGlvLmNvbSIsIm5iZiI6MTY5OTM2MjY0MSwiZXhwIjoxODU3MjE1NDQxfQ.1hZ3_j1B4maKfz_Hrwuds95P41uWR96GimYN-PEYFAM40LqeEtNop2PhQqTf6nDL8CZfeITGmqipsYYfL98jk61z_9jcGBkHLWu-6VpKNwPd8c7uqEIHHQeQvOocRijHtQnlHGLETSy5IzRs6csDWnvrjpZNAU4TrALecWVMiocHZF6wqYsyReRzvPNpynoSFQQoOlrPdDVqRjsL05nmnE2BIwlDPuKWK9kuzFBGuaAQ0fiykA57SWpcpyyPxVbMhBqEo-NvHPTqh2heQbSvsuBuVKzeLjNVuaFpcyb-R6TweGzS5dU1cHcRWnqWRxcPLPr1EpeEkRseOtg9q1EWjw", "type": "text", "disabled": true }, { "key": "code", "value": "238227", "type": "text", "disabled": true } ] }, "url": { "raw": "https://app.vssps.visualstudio.com/oauth2/token", "protocol": "https", "host": [ "app", "vssps", "visualstudio", "com" ], "path": [ "oauth2", "token" ] } }, "response": [] }, { "name": "AUTHORIZE", "event": [ { "listen": "test", "script": { "exec": [ "" ], "type": "text/javascript" } } ], "request": { "method": "POST", "header": [], "url": { "raw": "https://app.vssps.visualstudio.com/oauth2/authorize?client_id=a7f5fffb-9645-4e14-8b16-7fb1cf37017d&response_type=Assertion&state=user1&scope=vso.build_execute", "protocol": "https", "host": [ "app", "vssps", "visualstudio", "com" ], "path": [ "oauth2", "authorize" ], "query": [ { "key": "client_id", "value": "a7f5fffb-9645-4e14-8b16-7fb1cf37017d" }, { "key": "response_type", "value": "Assertion" }, { "key": "state", "value": "user1" }, { "key": "scope", "value": "vso.build_execute" }, { "key": "redirect_uri", "value": "https://app.vssps.visualstudio.com/oauth2/authorize", "disabled": true } ] } }, "response": [] } ] } I thank you very much for your help Best Regards
