1

I try to authenticate using the legacy API, because I need some of the methods from there, which are not available in the new Rest API. While authentication via access token in the rest API works fine, all attempts to authenticate with the legacy API seem to fail. The user behind the access token is not the logged windows user. My code looks like that:

      var tokenCredentials = new VssBasicCredential(string.Empty, token);

            var connectUrl = settings.ProjectCollectionUrl.ToUrl();
            var vssConnection = new VssConnection(connectUrl, tokenCredentials);

            // successful
            await Task.Run(async () => await vssConnection.ConnectAsync());
            // successful 
            await Task.Run(async () => await vssConnection.ParentConnection.ConnectAsync());

            var projectCollection = new TfsTeamProjectCollection(vssConnection.Uri, vssConnection.Credentials);
            
            // fails with with not authorized.
            projectCollection.Authenticate();

I tried several other ways, too (e.g. creating win credentials out of network credentials. But all attemps fail with a non authorized exception. Is there any known severe bug in the legacy API?

Tom
  • 41
  • 5

1 Answers1

0

Ooh, it took me quite long to find out the issue. The Authenticate method on TfsTeamProjectCollection class requires the 'Identity (manage)' permission. I didn't enable it for my access token, because I wanted to generate a read only token, that's why I just enabled all 'read' permissions.

On the other hand the Rest API doesn't need that permission to function in a read only way.

I hope that helps other people who come across this thread.

Tom
  • 41
  • 5