1

I have generated a personal access token from the Azure Devops user interface but am unable to use this to make requests against the Devops API.

I have tried many different header fields, but I am always redirected to the log in page as though I hadn't authenticated.

token = #Token generated on Devops project page
token_bytes = token.encode('utf-8')
token64 = base64.b64encode(token_bytes)
authorization_string = "basic " + str(token64)

repo_endpoint_url = "https://dev.azure.com/{organization}/{project}/_apis/git/repositories?api-version=5.1".format(organization=organization, project=project)

headers = {"Content-Type" : "application/json", "Authorization" : authorization_string}

response = requests.get(repo_endpoint_url, headers)

response is always 203 with login page HTML. This is what I'd expect to see if I didn't have an access token in the header.

I have tried, "Bearer" instead of "basic", I have tried adding {username}:{token}, and many other little tweaks.

What am I doing wrong?

riQQ
  • 9,878
  • 7
  • 49
  • 66
Richardweber32
  • 168
  • 2
  • 16
  • 2
    Possible duplicate of [Authenticating to VisualStudioOnline REST API with Personal Access Token using Python 3.6](https://stackoverflow.com/questions/45192108/authenticating-to-visualstudioonline-rest-api-with-personal-access-token-using-p) – ycx Oct 28 '19 at 14:46
  • 1
    Was very excited to see that adding a colon to the front of my token was a potential fix, but sadly it hasn't had any affect on the running of my script. I still get a 203 response with a html prompting for login details – Richardweber32 Oct 28 '19 at 14:50
  • Did you also do the `base64` encode? – ycx Oct 28 '19 at 14:54
  • Which scoped did you give to the PAT? – Shayki Abramczyk Oct 28 '19 at 14:54
  • @ycx Yes. I missed a line when retyping the code (couldn't copy and paste from the VM to my local), but I was using the base64 python package as I've updated above – Richardweber32 Oct 28 '19 at 14:56
  • @ShaykiAbramczyk I was using one with access limited to code (full) and packaging (read and write), but am going to try with full access – Richardweber32 Oct 28 '19 at 14:59
  • Try using `requests.get(repo_endpoint_url, auth=('', token))` and remove explicit authorization header from the headers – Akshay Shah Oct 28 '19 at 15:00
  • I suggest this because the python API here: https://github.com/microsoft/azure-devops-python-api has `credentials = BasicAuthentication('', personal_access_token)` in the sample code although it is for the Azure API but requests should also be the same – Akshay Shah Oct 28 '19 at 15:01

3 Answers3

8

I just scrapbooked following code which worked for me:

import requests
import base64

repo_endpoint_url = "https://dev.azure.com/<organization>/<project>/_apis/git/repositories?api-version=5.1"

username = "" # This can be an arbitrary value or you can just let it empty
password = "<your-password-here>"
userpass = username + ":" + password
b64 = base64.b64encode(userpass.encode()).decode()
headers = {"Authorization" : "Basic %s" % b64} 

response = requests.get(repo_endpoint_url, headers=headers)
print(response.status_code) # Expect 200
DSpirit
  • 2,062
  • 16
  • 22
  • Interestingly enough, after making these changes I no longer get 203 but now get 401, unauthorised. I can only assume this is an entirely different issue. Do you know of any reasons why I'd get a 401? – Richardweber32 Oct 28 '19 at 15:15
  • 1
    In this case I'd think the access token is either not capable of performing read actions on the specified project's repository or it's already expired. – DSpirit Oct 28 '19 at 15:19
  • Not sure what exactly happened to get me the 401 but I regenerated the token and copy pasted it straight in and it's working now. Thanks very much xo – Richardweber32 Oct 28 '19 at 15:24
0

After almost 1 week of investigating recreation of TOKEN was the only thing that helped me!

user15206036
  • 11
0

I had the same issue. This seems to me that if you create a PAT without a Code scope, and you want to add a Code scope you must regenerate PAT.

Same vice versa: If you want to add a Wiki scope to PAT with only a Code scope (for example you want to extend PAT which you have created in the REPOS section during the repository clone process) you must regenerate the PAT.

Peter Trcka
  • 1,279
  • 1
  • 16
  • 21