People who use Visual Studio Online for a while are probably familiar with the alternate credentials. These are used when accessing the REST API or when using an external client for accessing your Git repositories.
You configure your alternate credentials on your [My Profile] page and fill a username and password of your choice.
Once you enable your credentials, you can use these credentials when doing a REST call or (easier to test) clone a Git repository
This is great but not the most secure way of doing things.
Personal Access Tokens
In the update of July 7th, we now have the ability to use Personal Access Tokens as an alternative to the Alternate Credentials. Instead of sending our username and password over the wire we an now use a secure token that we can scope to a timeframe and to functionality within VSO. On the [My Profile] page you can configure one or more Personal Access Tokens. For example a token to access Code Features.
When you create the token, you see a token (only visible after creation !) that you should copy and keep safe.
This token alone is sufficient to authenticate against VSO. So when you now clone a Git repository you only have to fill in this token in the password box. Username can be empty or any value
The great thing is that you can revoke rights or the token afterwards and make sure that people cannot access stuff anymore.
Hope this helps!
How do you actually use one of these things? Do I just send the personal access token as the value of the authorization header in the request? Does it have to be formatted some certain way? I’m using Casablanca for a command line tool and I can’t get it to authenticate using a personal access token against the REST APIs. This all seems to be too new to have much around the net about using it, this and one other blog post announcing it are all I found. Any docs that get into the specifics of the handshake?
I used Postman in Google Chrone as App Postman sends the value in the header. Just like the basic authentication. Hope this helps !
Is there a way to set the access token in a config so I don’t have to copy paste it?
I know VSO is working on SSH support but in the meanwhile….
Thx.
What config do you mean ?
I use powershell to read token from config file and replace it to url like this https://token@xxx.visualstudio.com/DefaultCollection/XXX/_git/xxx
Sorry for an irrelevant question! Which tool you used for drawing frame and curved line?
Paint.net 🙂
That tool is cool. Your article is great!
Silly Question :- )
But is this functionality also available in the normal “non-cloud version” of TFS 2015 ?
Nope…
Bummer.Thanks for your answer!