Is it possible to clone an Azure Devops repository using an OAuth token

Question

I am trying to implement an integration between a web-based code editor and Azure Devops. I am trying to use OAuth to get user authorization and then to make a clone of a repository on behalf of the user.

For GitHub I can use the OAuth access token as a username to clone the repository. Is there a similar functionality for Azure Devops?

Answer 1

Is there a similar functionality for Azure Devops?

The answer is yes.

Azure DevOps Services uses the OAuth 2.0 protocol to authorize your app for a user and generate an access token. And we need make sure Authorised scopes include code (Read) when we generate the OAuth token:

Please refer this document and this blog for some more details.

Note:

Since OAuth 2.0 is not supported on Azure DevOps Server (I saw you add Azure DevOps Server tag on your post). Client Libraries are a series of packages built specifically for extending Azure DevOps Server functionality. For on-premises users, we recommend using Client Libraries, Windows Auth, or Personal Access Tokens (PATs) to authenticate on behalf of a user.

Answer 2

This is definitely possible and has now been extended to be possible without using a Personal Access Token (which is tied to a user). If your Azure Devops is backed by Azure Active Directory, my answer here has the required steps to authenticate using an OAuth token issued to a service principal.

The currently accepted answer references scopes attached to PATs, but provided the service principal has been given access to the repository in the standard way (using the repository security tab) you should be able to clone it.