There is a graph Web API for accessing Permission Groups in Devops Online. The Azure CLI also provides an interface for this same functionality. The Graph API and Azure CLI are not available for Azure Devops 2020 Server. I am having trouble finding the corresponding interface for Azure Devops Server. Does anyone know if there is an interface and if so can you point in the right direction?
Thanks!
Related
As I am trying to integrate Azure DevOps rest API in our application (Using C#). I am not able to find any API for pull request Approval process.
Please suggest and provide any solution for Approval process using REST API or other alternatives.
In your C# application code:
If you want to create, update or delete the branch policies related to Pull Request Approval (Reviewers), you can use the "PolicyConfiguration Class" from the related .NET client libraries for Azure DevOps. The corresponding Azure DevOps REST API is "Configurations".
For "Require a minimum number of reviewers", the 'configurationId' is 'fa4e907d-c16b-4a4c-9dfa-4906e5d171dd'.
For "Automatically included reviewers", the 'configurationId' is 'fd2167ab-b0be-447a-8ec8-39368250530e'.
If you want to add, remove reviewers from Pull Request, or set the votes (Approve, Reject, Approve with suggestions, Wait for author, etc..) of reviewers on Pull Request, you can use the "ReviewersUpdatedEvent Class", "ReviewersVotesResetEvent Class" and "ReviewerVoteUpdatedEvent Class". The corresponding Azure DevOps REST API is "Pull Request Reviewers".
[UPDATE]
Below are some samples about using .NET client libraries for Azure DevOps in C# code:
C# client library samples
microsoft/azure-devops-dotnet-samples
I've set up some on-prem Docker-based DevOps agents using a Docker Swarm. However, these agents rely on a PAT to authenticate and connect with our on-prem DevOps 2019 - not a HUGE issue, but PATs have a max lifetime of a year, and I'd rather have this system working longer if possible (on-prem solutions tend to have a lifetime of their own after all).
I know DevOps has an API - alas attempting to find information on how to use it directs me to the DevOps Services (online) versions, which aren't going to work for me (they use things like AAD applications for authentication and that's clearly not going to work on-prem). Annoyingly trying to change the documentation to show what's valid for DevOps 2019 redirects back to documentation for DevOps Services.
Any idea how to generate a PAT using the API on an on-prem DevOps instance, preferably by authenticating via username + password? Or at least where can I find some documentation on this?
If you are trying to use PAT REST API, then you can find it in Azure documents which i am sharing here:
https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/manage-personal-access-tokens-via-api?view=azure-devops
Hope this will help you out.
I am trying to compare the usage of EWS vs Outlook REST Apis for an application that needs to connect to an on-prem exchange server. From what I understand, Exchange 2016 onwards supports REST Apis which are leveraged by Graph APIs as well internally when it determines that the mailbox is on-prem.
My question is, is there any way my application directly use the REST APIs to talk to the on-prem exchange, similar to EWS, if I dont need to support cloud \ hybrid setups?
For example, can I use https://my-on-prem-exchnagehost/api/v2.0/me/messages to connect to and talk to my-on-prem-exchnagehost?
All resources about the Outlook REST APIs talk about a hybrid deployment but non about on-prem only setups. My intention is to use one implementation for both on-prem and cloud where just the API endpoints change in the application, example https://my-on-prem-exchnagehost/api/v2.0/me/messages for on-prem and https://graph.microsoft.com/api/v2.0/me/messages for cloud.
Yes, the REST APIs should be accessible on an on-prem server. Documentation here. Note that the Exchange REST API and the Graph APIs are different and it's not a drop-in replacement with the Graph's interface.
You should note that currently it is NOT supported to use the REST APIs in a pure on-premises environment. It may work (you can fire requests at the /Api endpoint and may get results), but if you hit any issues you are on your own. Until Microsoft announces support for on-premises (which at the time of posting has not happened; I am not aware of any plans to change this), then you should not use it.
Is there any guidance for integrating my SIEM (security information and event management system with) Microsoft Graph to connect my security alerts with other Microsoft Graph entities?
Microsoft Graph integration docs are located here. Currently there is no documentation out there about security or SIEMs, but I believe there will be something announced eminently.
I've published a cross-platform solution into GitHub (https://github.com/tamhinsf/AzureMonitor4Siem) that includes instructions and a script to automate the setup of the Azure Monitor -> Event Hub data pipeline, and a cross-platform .NET Core-based application that connects to Event Hub to download the Azure activities sent to it.
You can use it as a simple solution to perform a file-based integration with a SIEM of your choice.
Additionally, it's another path to validate Graph Security driven alerts into the Monitor -> Event Hub pipeline.
I want to call the TFS Rest API
https://www.visualstudio.com/en-us/docs/integrate/get-started/rest/basics#tfs
from an application that isn't on-premise with that instance of TFS (it'll be in Azure to be specific). Is that possible? Anything special needed to configure a cloud service to call on-premise?
Yes, it is possible, you need to make sure your TFS can be accessible from cloud or another server.
There is an article about providing internet access to TFS that can help you.