Authentication through Personal Access Token creates organisational coupling #500
Comments
|
i would like to add that all other azure sdks im aware of are using azure-identity for auth, can this please be updated to do the same? |
|
Yes, We need support for azure identity SDK in Azure DevOps SDK. This is what I am doing currently as workaround, but this doesn't cater for refreshing the access token, and other related use cases. credential = DefaultAzureCredential()
token = credential.get_token("499b84ac-1321-427f-aa17-267ca6975798/.default")
credential2 = BasicTokenAuthentication({"access_token": token.token})CC: @nechvatalp, @tonybaloney |
|
Bumping this, as this approach doesn't handle refreshing the access token or other related use cases. Your assistance in adding support of Azure Identity library in devops python SDK would be greatly appreciated. Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the only documented way to use this library is to authenticate with a Personal Access Token.
This seems wrong, as:
This means an application access to an Azure DevOps instance is tightly coupled to the existence of a human person in an organisation, which means applications access will break depending on other life cycles.
Is there a plan to support other kinds of authentication scheme with Azure DevOps (Server)?
One could think of an OAuth2 process, for instance, allowing different flows:
Both flow isolate authentication of the application from any other organisational resource, and allow delegation of authorisation and grants lifecycle to a dedicated, potentially automated third-party.
The text was updated successfully, but these errors were encountered: