How to authenticate to DevOps API using php

Question

I'm trying to access the Azure DevOps REST API via php/curl and a personal access token, but am having trouble with the authentication process.

The documentation states, that the pat has to be converted to base64 and then added to the HTTP Header, however I have been unable to correctly do that. This is what I've tried:

function GetBuilds($url, $token) {  
  $ci = curl_init();

  curl_setopt($ci, CURLOPT_URL, $url);
  curl_setopt($ci, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ci, CURLOPT_TIMEOUT, 30);
  curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, 30);
  curl_setopt($ci, CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ci, CURLOPT_HTTPHEADER, array(
    "content-type: text/html",
    "content-length: 0",
    "Authorization: Basic ".base64_encode($token)   // Several variants have been tried.
    )
  );

  $buffer = curl_exec($ci); 
  curl_close($ci);

  return $buffer;
};

$url is the Link to the DevOps API which works when called with a browser (after logging in), however when the page with this function is called, it returns the string "Object moved to here." with "here" beeing a link to the microsoft online login page.

The PAT generally requires a leading : before being B64 encoded. Not sure if you're doing that. — Daniel Mann
– Daniel Mann, Commented Apr 15, 2019 at 15:25

4c74356b41 · Accepted Answer · 2019-04-15 15:29:02Z

2

Pretty sure you need to convert this to base64:

[email protected]:token

not just the token. [email protected] - is the user who issued the token

answered Apr 15, 2019 at 15:29

4c74356b41

71.4k7 gold badges118 silver badges155 bronze badges

Sign up to request clarification or add additional context in comments.

2 Comments

Xen Over a year ago

I tried this solution as well out of curiosity and it does indeed also work, so specifying the user is possible but not mandatory.

4c74356b41 Over a year ago

interesting, i know at least one guy for whom using :token doesnt work... you can upvote though ;)

Xen · Accepted Answer · 2019-04-15 16:06:53Z

2

Daniel Mann's comment was the solution (thank you!), although I'm not allowed to directly mark it as such. Changing the "Authorization"-line to this:

"Authorization: Basic ".base64_encode(":".$token)

does successfully authorize the request.

answered Apr 15, 2019 at 16:06

Xen

1159 bronze badges

Collectives™ on Stack Overflow

How to authenticate to DevOps API using php

2 Answers 2

2 Comments

Comments

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

2 Comments

Comments

Related