Menu
I have a SPA implemented in Angularjs - Typescript calling VSO API and providing authentication data you can find below:
((): void => {
"use strict";
angular
.module("app")
.config(config);
config.$inject = [
"$httpProvider"
];
function config(
$httpProvider: ng.IHttpProvider
) {
$httpProvider.defaults.headers.common['Authorization'] = "Bearer username:password";
}
});
I see the Network tab of the browser that this call will be redirected to here:
https://app.vssps.visualstudio.com/_signin?realm=dldxdm.visualstudio.com&reply_to...
And a following request.
The console does not show any authentication error, but there is no result of my request (GET) but it should be! Instead of the result I get the message you can see in the screenshot. It is Microsoft Internet Explorer's Enhanced Security Configuration is currently enabled on your environment. This enhanced level of security prevents our web integration experiences from displaying or performing correctly. To continue with your operation please disable this configuration or contact your administrator. But the query executed in Chrome. Why an IE error message is here?
In the browser I logged in to VSO to the project, and if I copy the url and paste into another tab and execute it I'll get the proper result I'm looking for.
Questions:
I googled for the IE error message but there is no answer. The how to disable the enhanced security of IE I have found Windows Server answers. I don't think they are related to my issue.
Update:
Ok, I have an article about what is happening. Next step, implementation.
346
In the Properties section, locate the Internet Explorer Enhanced Security Configuration setting, then select the current setting to open the property page. The Internet Explorer Enhanced Security Configuration dialog box opens. Under Administrators, select the Off option. Select OK.
Internet Explorer Enhanced Security Configuration (ESC) establishes security settings that define how users browse the internet and intranet websites. These settings also reduce the exposure of servers to websites that might present a security risk.
Click Start > Settings > Control Panel and open Add or Remove Programs. In the Add or Remove Programs window, click Add/Remove Windows Components. In the Windows Components Wizard dialog that is displayed, in the Components panel, select the Internet Explorer Enhanced Security Configuration entry and click Details.
Prefix your Personal Access Token(PAT) with :(colon). then Base 64 encode it.
Eg:
If "myaccesstoken" is my PAT,
Apply base 64 encoder to ":myaccesstoken"
In the Authorization header, place your base encoded string as,
Authorization : Basic MyColonPrefixedBase64String
74
I found that this happened to me when my PAT was wrong due to a copy and paste error.
Looks like you are probably failing authentication because you didn't base64 encode the bearer token.
34
I had this same issue. I verified this in postman as follows...
I didn't have to base64 encode my PAT. I found that I just needed to double check that my PAT had the right access. I passed the data as Basic Auth. Username: "whatever the hell you want" Password: PAT
Response: 200 👍
24
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
