2

I am working on automating Azure Active Directory App Registrations and Azure Devops Service Connections, and have hit a wall.

I want to query Azure DevOps service connections (service endpoints) by Service Principal ID (or at least get the id). This is possible when using Azure CLI:

az devops service-endpoint list --query "[?authorization.parameters.serviceprincipalid=='xxx']"

But since I am running this in Azure automation account as a powershell runbook, the Azure CLI is not supported.

Then I tried the Azure DevOps REST API, and called it from powershell, but the response does not contain the service principal ID, but just this:

authorization : @{parameters=; scheme=ServicePrincipal}

Does anyone have an idea on how to solve this?

UPDATE

I am calling the rest API like this:

$uriAccount = $UriOrg + "_apis/serviceendpoint/endpoints?endpointNames={name}&api-version=6.1-preview.4"
$result = Invoke-RestMethod -Uri $uriAccount -Method get -Headers $AzureDevOpsAuthenicationHeader

And $result.value gives me this:

authorization : @{parameters=; scheme=ServicePrincipal}
Hush
  • 23
  • 1
  • 6
  • Hi there, please check whether my answer below can help you. If not, could you edit your question and provide which REST API you are using so that people can further investigate the question. – Jane Ma-MSFT Dec 31 '20 at 07:20

1 Answers1

2

You can try the REST API Endpoints - Get Service Endpoints By Names.

GET https://dev.azure.com/{organization}/{project}/_apis/serviceendpoint/endpoints?endpointNames={endpointNames}&api-version=6.0-preview.4

In this REST API, you can find the id and details by the name of a service connection.

Here is an example to use the REST API in PowerShell:

$token = "{pat}"
$token = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($token)"))
$url="https://dev.azure.com/{organization}/{project}/_apis/serviceendpoint/endpoints?endpointNames={endpointNames}&api-version=6.0-preview.4"
$head = @{ Authorization =" Basic $token" }
Invoke-RestMethod -Uri $url -Method GET -Headers $head

Update:

The cause for this question is that you output result in the wrong way.

For JSON response bodies, there is no intuitive way to get results without specifying the final layer. Here is my modified code, notice how I print result:

$token = "{pat}"
$token = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($token)"))
$url="https://dev.azure.com/{organization}/{project}/_apis/serviceendpoint/endpoints?endpointNames={endpointNames}&api-version=6.0-preview.4"
$head = @{ Authorization =" Basic $token" }
$reslut = Invoke-RestMethod -Uri $url -Method GET -Headers $head
echo $result.value.authorization.parameters
Jane Ma-MSFT
  • 4,461
  • 1
  • 6
  • 12