TFS REST API Authorization

Question

Getting "Unauthorized" status code when requesting TFS REST API via C# Console Application and TFS 2015 Update 3.

Hello everybody,

I'm trying to control the TFS (2015 Update 3) REST API with a C# console application.

In my old application I referenced the Microsoft.VisualStudio.Build.Client(etc.) libraries and could access the information I needed via the TfsTeamProjectCollection. I honestly don't know where the authentication comes from. Maybe via the Windows credentials or the account associated with Visual Studio. In any case, I didn't have to specify credentials in my application.

But I didn't find an example for the REST API where I don't have to specifically authorize.

I found an example of using the .NET client library that authorizes itself with VssCredentials (using NTLM). I don't have to specify a username or oassword here either:

VssConnection connection = new VssConnection(new Uri(URL), new VssCredentials());

That works too, but I can't get all the information I need about it, so I wanted to control the REST API myself.

Can someone send me an example of how I can access the REST API without a separate username/password? Or is this no longer possible?

Thank you Johannes

using (HttpClient client = new HttpClient())
{
    client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
    using (HttpResponseMessage response = await client.GetAsync("http://ServerName:8080/tfs/CollectionName/ProjectName/_apis/build/builds/BuildID"))
    {
        response.EnsureSuccessStatusCode();
        string responseBody = await response.Content.ReadAsStringAsync();
        Console.WriteLine(responseBody);
    }
}

I expect to get the json response but instead I only get the Unathorized Exception.

https://learn.microsoft.com/en-us/rest/api/azure/devops/?view=azure-devops-rest-5.0 look at the example — Jagadeesh Govindaraj, Feb 12 '19 at 09:31
https://learn.microsoft.com/en-us/azure/devops/integrate/previous-apis/overview?view=azure-devops-2019&viewFallbackFrom=vsts — Jagadeesh Govindaraj, Feb 12 '19 at 09:33
https://www.nuget.org/packages/Microsoft.TeamFoundationServer.Client/ — Jagadeesh Govindaraj, Feb 12 '19 at 09:33

Shayki Abramczyk · Answer 1 · 2019-02-19T20:58:01.733

2

You need to add HttpClientHandler() to your HttpClient:

using (HttpClient client = new HttpClient(new HttpClientHandler() { UseDefaultCredentials = true }))
{
     // ... 
}

edited Feb 19 '19 at 20:58

answered Feb 12 '19 at 12:05

Shayki Abramczyk

36,824
16
89
114

score 1 · Accepted Answer · answered Feb 12 '19 at 11:15

I also use HttpClient with pat or username/password. I have tested with default credentials and I have got 401. Then I found this post: How to get HttpClient to pass credentials along with the request?

I`ve created the sample with WebClient and It works:

WebClient wc = new WebClient();
wc.UseDefaultCredentials = true;
wc.Headers.Add("Content-Type", "application/json");

var data = wc.OpenRead("http://my-srv:8080/tfs/DefaultCollection/MyProject/_apis/build/builds/MyId?api-version=3.0");

var response = new StreamReader(data).ReadToEnd();

score 1 · Answer 3 · answered Feb 12 '19 at 12:05

Just like Shamrai Aleksander said you can use WebClient default credentials,or,You can create a custome PAT using TFS Security and limit user access. Please find more about TFS PAT here : https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops

TFS REST API Authorization

3 Answers3