azure-devops-python-api icon indicating copy to clipboard operation
azure-devops-python-api copied to clipboard
verified publisher icon microsoft

AzureDevOpsAuthenticationError: The requested resource requires user authentication: https://dev.azure.com/myorg/_apis

Open motoko89 opened this issue 4 years ago • 2 comments

I followed the sample code:

        credentials = BasicAuthentication(username=user, password=pat)
        self.connection = Connection(base_url="https://dev.azure.com/myorg/", creds=credentials)
        testClient = self.connection.clients.get_core_client()

But I get exception. Did I miss something?

   testClient = self.connection.clients.get_core_client()
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/released/client_factory.py", line 44, in get_core_client
    return self._connection.get_client('azure.devops.released.core.core_client.CoreClient')
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/connection.py", line 45, in get_client
    self._client_cache[client_type] = self._get_client_instance(client_class)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/connection.py", line 58, in _get_client_instance
    url = self._get_url_for_client_instance(client_class)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/connection.py", line 70, in _get_url_for_client_instance
    resource_areas = self._get_resource_areas()
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/connection.py", line 120, in _get_resource_areas
    self._resource_areas = location_client.get_resource_areas()
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/v5_1/location/location_client.py", line 104, in get_resource_areas
    response = self._send(http_method='GET',
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 74, in _send
    request = self._create_request_message(http_method=http_method,
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 119, in _create_request_message
    location = self._get_organization_resource_location(location_id)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 160, in _get_organization_resource_location
    return self._get_resource_location(self.normalized_url, location_id)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 172, in _get_resource_location
    Client._locations_cache[url] = self._get_resource_locations(url, all_host_types=False)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 208, in _get_resource_locations
    response = self._send_request(request, headers=headers)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 68, in _send_request
    self._handle_error(request, response)
  File "/Users/runner/hostedtoolcache/Python/3.10.0/x64/lib/python3.10/site-packages/azure/devops/client.py", line 290, in _handle_error
    raise AzureDevOpsAuthenticationError(full_message_format.format(error_message=error_message,

motoko89 avatar Jan 10 '22 06:01 motoko89

Interested in this as well.

I ran into the same issue. I created a new access token and used that as the "password" and made sure it has the correct permissions to read work items. The error still pops up rarely in testing but less frequently than before, so it's just a hotfix.

Slightly modified code that uses a wrapper class and environment variables that worked for me.

from dotenv import dotenv_values
from azure.devops.connection import Connection
from msrest.authentication import BasicAuthentication

class ADO():
    def __init__(self, config_path):
        self.config = dotenv_values(Path(config_path))
        self.credentials = BasicAuthentication(self.config.get('user'), self.config.get('ado_access_token'))
        self.connection = Connection(base_url=self.config.get('base_url'), creds= self.credentials)

Funny enough the BasicTokenAuthentication from msrest doesn't work and breaks the above code which seems counterintuitive.

jharleydev avatar Mar 03 '22 16:03 jharleydev

I had the same issue with "pipelines" api/client. I only added "pipelines" permission into the PAT scope. But then I went from multiple scopes to least. And I end-up with scopes - "pipelines", "graph" - read, "identity"-read. You may need something similar. Use same approach as me.

Peter

eissko avatar Aug 23 '23 13:08 eissko