TechQA.

How to run "tf get" without ui prompting for credentials

81 views Asked by At

I have a bat file that runs "tf get" automatically once each day. I'm logging in using /login with a PAT. That works. However, after a couple of days (7?), i receive the message "You are not authorized to access [severname].visualstudio.com.

In that case, i need to call "tf get" (without any parameters) which will then display a login ui where i have to enter my actual username and password. After having logged in, my script runs successfully for a couple of day after which i end up with the "no authorized" message again.

I would like to be able to run a "tf get" without any ui prompting for credentials. How can i do this?

azure-devops tfs tf-cli
Original Q&A
1

There are 1 answers

0
Alvin Zhao - MSFT On

If one Azure DevOps organization is connected an AAD, the users in this organization should have the mapping User Principals in AAD. In addition, we cannot only add User Principals of the connected AAD into our DevOps organization, but also add Service Principals.

enter image description here

Similar to the User Principals in a DevOps organization, Service Principals should receive user licenses (Basic) and sufficient permissions to access the TFVC repo.

Here is the sample Azure CLI command running in CMD that we can use to authenticate against a Service Principal in my DevOps organization, generate the AAD token to access Azure DevOps resource for this Service Principal and use this Oauth token as the credential for tf get command. I succeeded to get the TFVC repo updates from server with this methods.

set TenantId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
set ApplicationId=yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy
set ClientSecret=sn~*********D-_************CXa8r
az login --service-principal --username %ApplicationId% --password %ClientSecret% --tenant %TenantId%

set azureDevopsResourceId=499b84ac-1321-427f-aa17-267ca6975798
for /f %i in ('az account get-access-token --resource %azureDevopsResourceId% --query "accessToken" --output tsv') do set token=%i
echo token is %token%

tf get /loginType:OAuth /login:.,%token%

enter image description here enter image description here Here is the document for more details.

Related Questions in AZURE-DEVOPS

Related Questions in TFS

Related Questions in TF-CLI

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions