azure_devops_app icon indicating copy to clipboard operation
azure_devops_app copied to clipboard

Published 20 hours ago verified publisher icon PurpleSoftSrl

PAT Scopes

Open joshmeads opened this issue 1 year ago • 4 comments

Hey thanks for making this!

Can I please request a small docs update?

It would be very helpful to share the recommended PAT scopes needed for the app functionality. Realistically we don't want to provide "full access" to our tokens but playing the guessing game back and fourth between Azure and the app is a slow process trying to bypass "Unauthorized" errors.

Thanks!

joshmeads avatar Mar 25 '24 00:03 joshmeads

So far what I've ended up with is the following:

Build: Read Code: Read, Status Graph: Read Pull Request Threads: Read & Write Release: Read Wiki: Read & Write (I don't think this is needed though) Work Items: Read, Write, Manage

Currently still getting unauthorized on file diffs.

joshmeads avatar Mar 25 '24 00:03 joshmeads

Did you ever find the scopes for file diff?

bkvisiosign avatar Jun 12 '24 20:06 bkvisiosign

Same problem on file diff What call is it making to the API? I'm not very familiar with Dart

Update: I'm getting permission denied even with a Full Access token (cleared data and logged in again)

macmiranda avatar Sep 03 '24 19:09 macmiranda

Hi,

Here's the code.

The api call is _apis/contribution/hierarchyQuery/project/${commit.projectId}, which is not documented as far as I know.

I think project and repository read access is required, but I'm not sure about the PAT scopes required. I would try with 'Code: Full'.

sstasi95 avatar Sep 04 '24 15:09 sstasi95

Hi everyone,

Azure DevOps Undocumented API Thread

For a complete list of available scopes and their descriptions, refer to the official Azure DevOps documentation:
🔗 Azure DevOps Permissions & Scopes

If you run into any issues, feel free to test these scopes and let us know! 🚀

PurpleSoft Team

tiz-sharp avatar Feb 07 '25 09:02 tiz-sharp