'Azure devops web extension - access token scoped across all organizations
In my ADO web extension installed in an organization (say org A), I want to make an API call to update a work item lying in a project in a different organization (say org B). In addition to updating the work item, I also want to fetch some other project details from org B.
I am using the below code in typescript to get the access token
import * as SDK from "azure-devops-extension-sdk";
const token = await SDK.getAccessToken();
With the token that I get here, I am able to call any ADO apis for org A https://dev.azure.com/orgA/_apis/projects. But, I am getting a 401 unauthorized error when I am calling the same API for org B.
Am I missing anything here? Do I have to define any scope for getting a token using which I can invoke APIs in any of the ADO organizations I have access to? Or, is there any other way to achieve this?
Solution 1:[1]
From the supported scopes reference document, it seems that there is no such scope covering all organizations. In addition, no arguments are provided in the getAccessToken() function to define all organizations.
As workaround , I think you need to use the PAT generated from the UI interface. When generate the token, need choose All accessible organizations.
Solution 2:[2]
so I've been able to probably resolve the issue here. There is a setting in "Policy" of the organization. After I turned this on, I was able to access the resources.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Hugh Lin |
| Solution 2 | RadekSohlich |