1

I'm running Windows 10 and making a script to handle/start VSTS builds.

Sample call (overriding properties for testing):

$env:SYSTEM_TEAMFOUNDATIONCOLLECTIONURI = "https://mytenancy.visualstudio.com/"
$env:SYSTEM_TEAMPROJECTID = "Project1"
$env:SYSTEM_DEFINITIONID = 5
#$env:SYSTEM_ACCESSTOKEN = "mytoken" - uncomment when running locally

$url = "$($env:SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)$env:SYSTEM_TEAMPROJECTID/_apis/build/definitions/$($env:SYSTEM_DEFINITIONID)?api-version=2.0"
Write-Host "URL: $url"
$definition = Invoke-RestMethod -Uri $url -Headers @{
    Authorization = "Bearer $env:SYSTEM_ACCESSTOKEN"
}
Write-Host "Definition = $($definition | ConvertTo-Json -Depth 100)"
"Authenticated"

This script works fine on the server, but if I uncomment the $env:SYSTEM_ACCESSTOKEN and run locally, I get the following error:

Microsoft Internet Explorer\u0026#39;s Enhanced Security Configuration is currently enabled on your environment. This enhanced level of security prevents our web integration experiences from displaying or performing correctly. To continue with your operation please disable this configuration or contact your administrator.

I'm running Windows 10.

I've tried many things, including:

  • Turning off as much security as possible in Internet Options.
  • Fresh Token
  • Converting the token to a secure string
  • Converting to a Base64 string as detailed in the answer to this post

How can I authenticate locally?

EDIT (following accepted answer)

The accepted answer solved the problem. I think the two key points here were:

  • The correct encoding in conversion to Base64
  • Changing authentication from Bearer to Basic when running in this way (locally).

Final code:

$user = "[username]"
$accessToken="[token]"
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user,$accessToken)))
$env:SYSTEM_TEAMFOUNDATIONCOLLECTIONURI = "https://mytenancy.visualstudio.com/"
$env:SYSTEM_TEAMPROJECTID = "Project1"

$checkBuildUrl = "$($env:SYSTEM_TEAMFOUNDATIONCOLLECTIONURI)$($env:SYSTEM_TEAMPROJECTID)/_apis/build/builds/$($requestedBuildId)?api-version=2.0"

$buildStatus = Invoke-RestMethod -Uri $checkBuildUrl -Headers @{Authorization=("Basic {0}" -f $base64AuthInfo)}
Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
JsAndDotNet
  • 16,260
  • 18
  • 100
  • 123

1 Answers1

2

Create a new access token and refer to this code to call the REST API through PowerShell:

$user = "[anything]"
$accessToken="[access token]"
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user,$accessToken)))
...
Invoke-RestMethod -Uri $uri -Method Post -ContentType "application/json" -Headers @{Authorization=("Basic {0}" -f $base64AuthInfo)} -Body $bodyJson

Regarding enhanced security, there is a similar issue:

Enhanced Security Error while Visual Studio Team Services Rest API

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
starian chen-MSFT
  • 33,174
  • 2
  • 29
  • 53