用Azure DevOps REST API身份验证Azure功能的正确方法是什么? [英] What is the right way to authenticate Azure Function against Azure DevOps REST API?
问题描述
目标是开发一个Azure功能,该功能应在Azure DevOps中进行一些更改(例如更新工作项,Wiki页面等),并由Azure管道服务挂钩触发. 在这种情况下可以使用功能系统身份吗?以及如何授予此身份调用DevOps REST API的权限?
The goal is to develop an Azure function which should do some changes in Azure DevOps (like update work items, wiki pages etc), being triggered by Azure pipeline service hook. Can I use function system identity in this case? And how can I give permissions for this identity to call DevOps REST APIs?
推荐答案
I'm not sure if this is the best way but you can create PAT token. Since you will use it for Azure Function I woudl recommend to use Azure KeyVault to store that token.
此处您有示例如何使用它从Azure DevOps中获取项目的示例:
Here you have the example how you can use it to fetch projects from Azure DevOps:
public static async void GetProjects()
{
try
{
var personalaccesstoken = "PAT_FROM_WEBSITE";
using (HttpClient client = new HttpClient())
{
client.DefaultRequestHeaders.Accept.Add(
new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
Convert.ToBase64String(
System.Text.ASCIIEncoding.ASCII.GetBytes(
string.Format("{0}:{1}", "", personalaccesstoken))));
using (HttpResponseMessage response = await client.GetAsync(
"https://dev.azure.com/{organization}/_apis/projects"))
{
response.EnsureSuccessStatusCode();
string responseBody = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseBody);
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
Here you have documentation for updating work items. I tested that with Postman, but I was able to edit work item using PAT.
这篇关于用Azure DevOps REST API身份验证Azure功能的正确方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
