What is the proper way to authenticate within custom build task

See original GitHub issue

I found the following issue by @gregpakes and had the exact same question which led to no answer other than it should be asked on this repo, so here it is.

Would it be possible to have a clear guide on how to get the access token to access Azure REST API?

  • Hosted Microsoft Agent (macOS)
  • Custom build task

I tried with the SystemVssConnection getEndpointAuthorizationParameter('SystemVssConnection', 'AccessToken', false); and it’s working but official documentation mention that we have to enable oauth on the job and get the token from System.AccessToken. I am confused on which way to use in my custom task I am developing. vssconection would be much more straight forward as I would not have to mention to enable oauth access to use my task.

Thanks

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:1
  • Comments:8 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
jessehouwingcommented, Oct 30, 2019

I’m not aware of any special treatment needed for YAML.

On Wed, 30 Oct 2019, 20:17 Eric Labelle, notifications@github.com wrote:

Hey @jessehouwing https://github.com/jessehouwing , one more question for you… I swapped from System.AccessToken to SystemVssConnection and everything works well locally and in pipeline using Basic Editor but it fails when I try the task using the YAML pipeline.

##[debug]agent.TempDirectory=/Users/runner/runners/2.159.2/work/_temp ##[debug]loading inputs and endpoints ##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION ##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION ##[debug]loading SECRET_AZURE_API_PAT ##[debug]loading SECRET_SYSTEM_ACCESSTOKEN ##[debug]loaded 4 ##[debug]Agent.ProxyUrl=undefined ##[debug]Agent.CAInfo=undefined ##[debug]Agent.ClientCert=undefined ##[debug]Agent.SkipCertValidation=undefined ##[debug]System.TeamProject= ##[debug]task result: Failed ##[error]Endpoint auth data not present: SystemVssConnection ##[debug]Processed: ##vso[task.issue type=error;]Endpoint auth data not present: SystemVssConnection ##[debug]Processed: ##vso[task.complete result=Failed;]Endpoint auth data not present: SystemVssConnection

I know we had to add env: SYSTEM_ACCESSTOKEN: $(System.AccessToken) with the predefined variable, but since SystemVssConnection is documented nowhere, I’m not sure what’s missing for YAML.

There is mention on how to use a custom service connection here https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml#use-a-service-connection but I figured since this one is built-in I don’t have to specify this.

Thank you for your time!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/microsoft/azure-pipelines-task-lib/issues/579?email_source=notifications&email_token=AA724SZGGYXOKKQC2UHEPVTQRHMTDA5CNFSM4JA4TLAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOECVOPPQ#issuecomment-548071358, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA724S4QKUFULLRULBVQWBDQRHMTDANCNFSM4JA4TLAA .

0reactions
eric-labellecommented, Oct 30, 2019

Hey @jessehouwing , one more question for you… I swapped from System.AccessToken to SystemVssConnection and everything works well locally and in pipeline using Basic Editor but it fails when I try the task using the YAML pipeline.

##[debug]agent.TempDirectory=/Users/runner/runners/2.159.2/work/_temp
##[debug]loading inputs and endpoints
##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION
##[debug]loading SECRET_AZURE_API_PAT
##[debug]loading SECRET_SYSTEM_ACCESSTOKEN
##[debug]loaded 4
##[debug]Agent.ProxyUrl=undefined
##[debug]Agent.CAInfo=undefined
##[debug]Agent.ClientCert=undefined
##[debug]Agent.SkipCertValidation=undefined
##[debug]System.TeamProject=
##[debug]task result: Failed
##[error]Endpoint auth data not present: SystemVssConnection
##[debug]Processed: ##vso[task.issue type=error;]Endpoint auth data not present: SystemVssConnection
##[debug]Processed: ##vso[task.complete result=Failed;]Endpoint auth data not present: SystemVssConnection

I know we had to add env: SYSTEM_ACCESSTOKEN: $(System.AccessToken) with the predefined variable, but since SystemVssConnection is documented nowhere, I’m not sure what’s missing for YAML.

There is mention on how to use a custom service connection here but I figured since this one is built-in I don’t have to specify this.

Thank you for your time!

Read more comments on GitHub >

github_iconTop Results From Across the Web

Authentication to access other parts of Azure DevOps within a ...
Specifically, I want to create a custom task that adds a comment to a PR. Unfortunately, I can't figure out how to authenticate...
Read more >
Guidance for authentication - Azure DevOps - Microsoft Learn
A: The best practice is to have different authentication paths for Azure DevOps Server and Azure DevOps Services.
Read more >
Trigger Build Task - Visual Studio Marketplace
First and foremost the authentication options (see below) are limited. You cannot use OAuth authentication, either use a Personal Access Token ...
Read more >
Create HTTP tasks with authentication - Google Cloud
Creates tasks with OIDC token to send to a Cloud Run, Cloud Function, ... To learn how to install and use the client...
Read more >
Create Custom Tokens | Firebase Authentication - Google
The main drawback of this approach is that it requires you to package a service account JSON file along with your code. Also...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found