[英]Azure DevOps API access without a user
Is it possible to pull work items from the DevOps API without needing a user to be logged in to get an access token every time?是否可以从 DevOps API 中提取工作项,而无需用户每次都登录以获得访问令牌?
I am trying to create a back-end service that pulls work items from the API every so often to generate a report.我正在尝试创建一个后端服务,该服务每隔一段时间从 API 中提取工作项以生成报告。 Can I just generate a one-time access key to use with that back-end service?
我可以只生成一个一次性访问密钥以用于该后端服务吗?
I've looked around the documentation, but it seemed like it all requires either a PAT or Azure Active Directory authorization/authentication.我查看了文档,但似乎这一切都需要 PAT 或 Azure Active Directory 授权/身份验证。
you can do something like this https://docs.microsoft.com/en-us/azure/devops/organizations/settings/manage-authorizations?toc=%2Fazure%2Fdevops%2Forganizations%2Ftoc.json&bc=%2Fazure%2Fdevops%2Forganizations%2Fbreadcrumb%2Ftoc.json&view=azure-devops and https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops你可以这样做https://docs.microsoft.com/en-us/azure/devops/organizations/settings/manage-authorizations?toc=%2Fazure%2Fdevops%2Forganizations%2Ftoc.json&bc=%2Fazure%2Fdevops% 2Forganizations%2Fbreadcrumb%2Ftoc.json&view=azure-devops和https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops
Basically authorize applications to use devops based on your credentials using oauth.基本上使用 oauth 根据您的凭据授权应用程序使用 devops。 similar to an app registration.
类似于应用注册。
Thats the only way I can see without PAT and manual login each time.这是我每次都可以看到没有 PAT 和手动登录的唯一方法。
Instead of your personal account, you could create a fake AAD user then add it to your Azure DevOps Service.您可以创建一个假的 AAD 用户,而不是您的个人帐户,然后将其添加到您的 Azure DevOps 服务中。
Use that account to create a Personal Access Token.使用该帐户创建个人访问令牌。 Similar to Build Service account to pull source code/work items.
类似于构建服务帐户以提取源代码/工作项。 This should be a easy way to track everything.
这应该是跟踪所有内容的简单方法。
But the limitation here is also obvious: this needs involvement of IT department, and also causes additional costs, since every user is billed.但是这里的局限性也很明显:这需要 IT 部门的参与,而且还会产生额外的成本,因为每个用户都需要付费。
Allow personal access tokens that do not expire is not supported right now.目前不支持允许未过期的个人访问令牌。 There is a related user voice .
有相关的用户声音。
As an alternatively way you could use OAuth just as alphaz18 suggested.作为替代方法,您可以按照 alphaz18 的建议使用 OAuth。 Details please refer-- Authorize access to REST APIs with OAuth 2.0
详情请参考-- 使用 OAuth 2.0 授权访问 REST API
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.