I am using the .NET client library for Azure DevOps to get test results from a build attempt. The following throws an authentication error, Microsoft.VisualStudio.Services.Common.VssUnauthorizedException: VS30063: You are not authorized to access https://dev.azure.com.
var testClient = connection.GetClient<TestManagementHttpClient>();
var testResults = await testClient.GetTestResultsByBuildAsync2(
project: project,
buildId: ID);
I am using a PAT that is scoped to read and execute Builds and Tests. Not sure why I'm getting this error. Is there another way to get test results per attempt? I am able to use this same connection to call GetTestResultDetailsForBuildAsync but unfortunately, that lists results for all the attempts and I just need the last one.
Try either of the following ways to resolve Microsoft.VisualStudio.Services.Common.VssUnauthorizedException: VS30063: You are not authorized to access https://dev.azure.com. error:
Clean the cache as suggested by Marina Liu:Execute
regedit -> clean key(s) under
HKEY_CURRENT_USER\Software\Microsoft\VSCommon\14.0\ClientServices\TokenStorage\VisualStudio\VssApp
-> restart VS -> run your project with your own credential.
Check whether Personal Access Token has expired or created with the right Scope or not
References: VS30063: You are not authorized to access https://dev.azure.com? Error while trying to register Private agent Pool in Azure DevOps Project using PAT token - Microsoft Q&A , c# - VS30063: You are not authorized to access https://dev.azure.com - Stack Overflow and Visual Studio Feedback
Related
We are using the Sonarcloud plugin in Azure DevOps. Suddenly, we get the following error in our build pipeline:
##[error]ERROR: Error during SonarScanner execution ERROR: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization'
properties, the 'SONAR_TOKEN' environment variable, or contact the
project administrator ERROR: ERROR: Error during SonarScanner
execution ERROR: Project not found. Please check the
'sonar.projectKey' and 'sonar.organization' properties, the
'SONAR_TOKEN' environment variable, or contact the project
administrator ERROR:
##[error]The SonarScanner did not complete successfully The SonarScanner did not complete successfully
##[error]09:51:19.094 Post-processing failed. Exit code: 1 09:51:19.094 Post-processing failed. Exit code: 1
##[error]The process '/usr/bin/dotnet' failed with exit code 1
Authentication is done with ServiceConnections and the token verification is still valid. I also tried to use a new SonarCloud Authentication token for the ServiceConnection. We haven't changed anything in the infrastructure or on the SonarCloud platform, and it was working fine 5 days ago.
I tried to set Administration / Permission / Execute Analysis to "Anyone" (also checked all users) without success.
Any ideas?
The PAT (Personal Access Token) has expired.
Create one in Azure DevOps and add it Administration / Organization settings / Azure DevOps connectivity management / New Personal Access Token
Note: I had to abandon my Pull-Request and create a new one after using the new PAT.
I would like to see this more clearly indicated on the platform (e.g. by an info bar at the top of the platform)
My pipeline is using the App Center Task to run UI tests in App Center. The problem is that the task returns the error "failed to load list of organizations".
The error in the pipeline is likely due to the wrong type of token being used to create the service connection.
There are two types of tokens, app level tokens and account level tokens. You need to use an account level token in the service connection.
You can create an account level token from here: https://appcenter.ms/settings/apitokens
Please ensure to generate one with full access, and create a new service connection with this token and link to it in the test task.
I get the following error
We cannot complete your request
server_error: The request could not be completed. Please try again later.
Error link:
https://login.live.com/HandleGithubResponse.srf?code=c3f48c4783f6d1d5ef1b&state=38FEE58AB9343DAB#
update
I used GitHub to log in to Azure before, and published a plugin. Now, when I want to log in to Azure using GitHub, I will be forced to log in to my MS account. My mailbox is rxliuli#gmail.com on both MS and GitHub.
At the same time, I created an organization rxliuli after logging in with an MS account, Azure did not have any errors, but when I want to log in to rxliuli (create a personal token), it will prompt ERROR Failed request: (401) What's wrong, is there any way for me to use the publisher name rxliuli after logging in with GitHub before?
update
I can't use vsce to create any new users right now. . .
update
Currently, I can use github to log in to azure, but using vsce login rxliuli still shows ERROR Failed request: (401), I am sure that the token has all permissions and has not expired
Well, actually because the token I created has no choice to allow all organizations. . .
ref: https://code.visualstudio.com/api/working-with-extensions/publishing-extension#i-get-403-forbidden-or-401-unauthorized-error-when-i-try-to-publish-my-extension
I am trying to use the TFS REST API to automate a use case, Tried using PersonalAccessToken and System.AcessToken (provided by TFS) but getting unauthorized error.
When analyzed found that SSO is being used to authenticate with TFS, as it works when i try to access it from my browzer. My Question is how can I access REST API from a script ( Can be anything bash,shell, python..etc) protected by SSO
Any inputs will hep. Thanks
Please try to disable the Basic Authentication for your TFS, then try it again.
If you want to run scripts by calling the REST API in build/release pipeline, then you can reference this SO thread : TFS 2015 API - 401 - Unauthorized: Access is denied due to invalid credentials
Have you encountered the error mentioned in the subject line before?, I'm intrigued by it and unable to a solution. Here are the steps I executed to create a service principal
az login
-- Gives me a device code to enter in browser
Login to az non-interactively
az account set --subscription="xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
Check correct account by
az account show
Create a SP
az ad sp create-for-rbac -n "tf-authenticator" --role contributor
Run terraform plan as like below:
[jim#rhel75 msdn]$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
azurerm_resource_group.tf-rg-cluster-sql: Refreshing state... os_profile_windows_config.1060902566.enable_automatic_upgrades: "true"
Plan: 28 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
Now, I run terraform again and I get error that No authorization token found!
[jim#rhel75 msdn]$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
Error: Error refreshing state: 1 error(s) occurred:
* provider.azurerm: Error building AzureRM Client: Error populating Client ID from the Azure CLI: No Authorization Tokens were found - please re-authenticate using `az login`.
Note, I tested and same behavior exhibits on
1. CentOS 7.6
2. Ubuntu 16.04
3. Azure Pipelines Release Pipeline (Which utilizes Ubuntu 16.04 agent)
Update: I encounter a weird error when I try to create a SP. I have already my default subscription but still run the below command and receive error:
az ad sp create-for-rbac -n "tf-authenticator" --role="Contributor" --scopes="/subscriptions/xxxxxxxxxxxxxxxxxxx"
Error message:
Changing "tf-authenticator" to a valid URI of "http://tf-authenticator", which is the required format used for service principal names
Get Token request returned http error: 400 and server response: {"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier 'bd58677d-d0a4-46a5-9b5a-02c6662ae149' was not found in the directory '055b56f0-423b-4b1a-b6bc-6ae09ab61485'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: cc58c97b-2247-4bf7-ab6c-7d1b993f0b00\r\nCorrelation ID: 42540a48-7d44-494b-9dc2-a8dd9d6c10b7\r\nTimestamp: 2019-03-14 00:46:49Z","error_codes":[700016],"timestamp":"2019-03-14 00:46:49Z","trace_id":"cc58c97b-2247-4bf7-ab6c-7d1b993f0b00","correlation_id":"42540a48-7d44-494b-9dc2-a8dd9d6c10b7","error_uri":"https://login.microsoftonline.com/error?code=700016"}
I have further drilled down that this has to do something with azure tokens, as I can create a VM instances with Azure CLI itself, please see evidence below:
az vm create --resource-group "myResourceGroup" --name "myVM" --image "Win2016Datacenter" --admin-username "Demouser" --admin-password "Demouser#123" --use-unmanaged-disk --location "Australia Southeast"
Azure Error: InvalidTemplateDeployment
Message: The template deployment failed with error: 'The resource with id: '/subscriptions/11855b5b-484f-4104-b77b-a73eb8cd74dc/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM' failed validation with message: 'The requested size for resource '/subscriptions/11855b5b-484f-4104-b77b-a73eb8cd74dc/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM' is currently not available in location 'australiasoutheast' zones '' for subscription '11855b5b-484f-4104-b77b-a73eb8cd74dc'. Please try another size or deploy to a different location or zones. See https://aka.ms/azureskunotavailable for details.'.'.
It did not launched a VM but at least its clear that it was able to proceed should size would have been right.
Can you please try to follow this documentation - https://learn.microsoft.com/en-us/azure/developer/terraform/get-started-cloud-shell-bash?tabs=bash
You need to create environment variables in order to deploy azure portal
One more thing - you need to have environment variables in .tf file
I would suggest you to not store the secrets in plain text
If you are using azure devops pipeline to deploy you can store it in the keyvault or in variables
If you are using terraform cloud with workspaces you can store it in variables