
VSO REST API - Getting user profile image only works with basic authentication?

I'm using the VSO REST API to get all members in a team, and from there I'm getting the ImageUrl of the member.

If I just bind an Image control to ImageUrl it's blank because VSO requires that I be signed in to get a profile picture... so I created an HttpClient and set my Authorization to OAuth and gave it my access token.

This just returns a 403: Forbidden response... But if I use basic authentication, then everything works fine?

Is basic authentication the only method to get profile images from VSO via the REST API?

BeginnerCoder asked Apr 11 '15 11:04



1 Answer

Both Basic Auth and OAuth 2.0 are supported by the REST API.

Click through to details on using OAuth 2.0 with the API

UPDATE: Missed an important part of the question. Sorry. :-(

To get a user's image the endpoint is

https://*.visualstudio.com/DefaultCollection/_api/_common/identityImage?id=<Guid>

Unfortunately _api/_common/identityImage is not an allowed route for an app that authenticates with an OAuth access token at the moment, so this is an expected behavior. The team is aware of it, though I don't know where it is in their list of priorities.

Add a suggestion at http://visualstudio.uservoice.com for this so that it makes the request more visible for them.

Richard Banks answered Oct 18 '22 13:10
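
Added example (not part of the original question or answer): the Basic-authentication request the question reports as working, sent to the route named in the answer. The account name, identity GUID, the environment-variable names VSO_USER / VSO_SECRET and the output file name are assumptions.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;

static class IdentityImageClient
{
    static readonly HttpClient Http = new HttpClient();

    // Route from the answer above; "account" fills the "*" in the host name.
    public static Uri ImageUri(string account, Guid identityId)
    {
        // Reject anything that could steer the credentials to another host.
        if (!Regex.IsMatch(account, @"\A[A-Za-z0-9-]+\z"))
            throw new ArgumentException("unexpected account name", nameof(account));
        return new Uri("https://" + account + ".visualstudio.com/DefaultCollection" +
                       "/_api/_common/identityImage?id=" + identityId.ToString("D"));
    }

    public static async Task<byte[]> GetImageAsync(Uri uri, string user, string secret)
    {
        // Basic auth is only base64("user:secret"): reversible, so HTTPS only.
        var token = Convert.ToBase64String(Encoding.UTF8.GetBytes(user + ":" + secret));
        using (var request = new HttpRequestMessage(HttpMethod.Get, uri))
        {
            request.Headers.Authorization = new AuthenticationHeaderValue("Basic", token);
            using (var response = await Http.SendAsync(request))
            {
                if (response.StatusCode == HttpStatusCode.Forbidden)
                    throw new UnauthorizedAccessException("403 Forbidden: route refused these credentials");
                response.EnsureSuccessStatusCode();
                return await response.Content.ReadAsByteArrayAsync();
            }
        }
    }

    static async Task Main(string[] args)
    {
        // args: <account> <identity GUID>; credentials come from the environment
        // (VSO_USER / VSO_SECRET are hypothetical names), never from source code.
        var uri = ImageUri(args[0], Guid.Parse(args[1]));
        var image = await GetImageAsync(uri, Environment.GetEnvironmentVariable("VSO_USER"),
                                        Environment.GetEnvironmentVariable("VSO_SECRET"));
        File.WriteAllBytes("identity.img", image);
    }
}
```

Because the Basic header carries the reusable secret on every request, keep it out of logs and bind the returned bytes to the Image control rather than handing the credentialed URL to the UI layer.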