Home > OS >  Authentication when Get Azure DevOps Project Work Items using Python
Authentication when Get Azure DevOps Project Work Items using Python

Time:11-26

I am trying to get all the work items for a project in Azure DevOps.

The issue I am facing is of is authentication. How do I authenticate/login before sending this post request?

The docs show security as 0auth2 . However, I have a personal access token...what would be the correct approach? How to send an authenticated POST request that is. Do I have to register the application and get 0auth Token etc..or PAT would suffice?

import requests
import base64

pat = 'nbq'
authorization = str(base64.b64encode(bytes(':' pat, 'ascii')), 'ascii')

headers = {
    'Accept': 'application/json',
    'Authorization': 'Basic ' authorization
}
# response = requests.get(url="https://dev.azure.com/company/_apis/projects?api-version=5.1", headers=headers).json()

data = {
  "query": "Select [System.Id], [System.Title], [System.State] From WorkItems Where [System.WorkItemType] = 'Task'"
}
wo_it = requests.post('https://dev.azure.com/company/example_project/_apis/wit/wiql?api-version=5.1',data=data)
print(wo_it.text)

CodePudding user response:

Azure DevOps REST API supports several different auth ways, e.g. OAuth 2.0, Azure AD auth, PAT.

For the specific API _apis/wit/wiql you are using, using PAT is enough, you don't need to register the app. And you should know OAuth 2.0 and Azure AD auth are both user-interactive way, if you want to call the API in python with non-interactive way, PAT is the option.

PAT uses the basic auth, you need to base64 encode it and pass the encoded one to the request body every time when you send the API request. I saw you just use the token when listing the projects, but you didn't use it when call _apis/wit/wiql, you need to do it also, then it will work.

Reference - https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/authentication-guidance?view=azure-devops

  • Related