User Profile
NirHazan
Copper Contributor
Joined 12 months ago
User Widgets
Recent Discussions
Authenticate Azure DevOps API Using Entra ID Managed Identity (Python)
I need my Python script to authenticate Azure DevOps API using the System Assigned Managed Identity of the VM it is running on. To do that, I use azure.identity to get the managed identity token from management.azure.com resource URI (I tried different URIs and none seems to work including the ARM): from azure.identity import ManagedIdentityCredential credential = ManagedIdentityCredential() token = credential.get_token('https://management.azure.com') print(token.token) And then use this token as Bearer token in the Authorization header. It keeps on failing and returns me an HTML page. However, when I get the token using PowerShell it works. Connect-AzAccount -Identity $token = Get-AzAccessToken $token.Token So clearly I don't get the token type Azure DevOps is expecting and I probably generate token against the wrong Resource URI. I tried different resource URIs though like ARM, graph etc.. and I can't get it to work. Any idea? Edit: Finally managed to do it, needed to scope it as Azure DevOps App def GetMIToken(): from azure.identity import ManagedIdentityCredential credential = ManagedIdentityCredential() token = credential.get_token('499b84ac-1321-427f-aa17-267ca6975798/.default') return token.tokenSolved1.6KViews0likes1CommentRe: Authenticate Azure DevOps API Using Entra ID Managed Identity (Python)
Solution: def GetMIToken(): from azure.identity import ManagedIdentityCredential logging.info('Generating System Assigned Managed Identity token') credential = ManagedIdentityCredential() token = credential.get_token('499b84ac-1321-427f-aa17-267ca6975798/.default') logging.info('Successfully generated token') return token.token1.6KViews0likes0Comments
Groups
Recent Blog Articles
No content to show