Share via

failed to create webhook

Vamshi Krishna A :: Kshema 0 Reputation points
2025-02-20T06:17:46.88+00:00

/bytebase.v1.VCSConnectorService/CreateVCSConnector INTERNAL: failed to create webhook for project kshema-desing-v2 with error: failed to create webhook: failed to create webhook, code: 403, body: {"$id":"1","customProperties":{"Descriptor":"Microsoft.IdentityModel.Claims.ClaimsIdentity;225a33a3-a252-427b-a09a-5ae946b50ce4\******@kshema.co","IdentityDisplayName":"Jagan Babu K (Consultant) :: Kshema","Token":"PublisherSecurity/171b859f-8164-4197-8f27-d08a8a96db85","RequestedPermissions":2,"NamespaceId":"cb594ebe-87dd-4fc9-ac2c-6a10a4c92046"},"innerException":null,"message":"Access Denied: dadde28e-b17a-6c13-8432-79e00e2e0fb7 needs the following permission(s) on the resource PublisherSecurity/171b859f-8164-4197-8f27-d08a8a96db85 to perform this action: Edit Subscription","typeName":"Microsoft.VisualStudio.Services.Security.AccessCheckException, Microsoft.VisualStudio.Services.WebApi","typeKey":"AccessCheckException","errorCode":0,"eventId":3000}

failed to create webhook for project kshema-desing-v2 with error: failed to create webhook: failed to create webhook, code: 403, body: {"$id":"1","customProperties":{"Descriptor":"Microsoft.IdentityModel.Claims.ClaimsIdentity;225a33a3-a252-427b-a09a-5ae946b50ce4\******@kshema.co","IdentityDisplayName":"Jagan Babu K (Consultant) :: Kshema","Token":"PublisherSecurity/171b859f-8164-4197-8f27-d08a8a96db85","RequestedPermissions":2,"NamespaceId":"cb594ebe-87dd-4fc9-ac2c-6a10a4c92046"},"innerException":null,"message":"Access Denied: dadde28e-b17a-6c13-8432-79e00e2e0fb7 needs the following permission(s) on the resource PublisherSecurity/171b859f-8164-4197-8f27-d08a8a96db85 to perform this action: Edit Subscription","typeName":"Microsoft.VisualStudio.Services.Security.AccessCheckException, Microsoft.VisualStudio.Services.WebApi","typeKey":"AccessCheckException","errorCode":0,"eventId":3000}

Azure DevOps

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Suresh Chikkam 545 Reputation points Microsoft External Staff
    2025-03-14T10:17:42.3833333+00:00

    Hi @Vamshi Krishna A :: Kshema,

    One of the first things you should check is whether the user or service principal has the right permissions. Go to Azure DevOps → Project Settings → Security, and find the PublisherSecurity/171b859f-8164-4197-8f27-d08a8a96db85 resource. Confirm that the user "dadde28e-b17a-6c13-8432-79e00e2e0fb7" has the necessary permissions to edit subscriptions.

    If you’re using a service connection to create the webhook, you might need to check if it has the right authorization scope. You can do this by going to Project Settings → Service Connections, finding the connection, and checking it has the necessary permissions.

    Another possible reason is that your Azure DevOps organization has strict policies regarding webhooks, and an admin needs to approve the creation. If that’s the case, you need to reach out to someone with admin privileges to get it approved.

    Also, if you're using a Personal Access Token (PAT), double-check its permissions. It should have "Manage Subscriptions and Webhooks" and "Read & Manage Service Hooks" enabled. If not, you might need to generate a new one with the correct scope.

    If none of that helps, you can try creating the webhook manually through the Azure DevOps UI instead of using Terraform or a script. This will help confirm if the issue is with permissions or something else.

    Hope it helps!

    Please do not forget to click "Accept the answer” and Yes wherever the information provided helps you, this can be beneficial to other community members.

    User's image

    If you have any other questions or still running into more issues, let me know in the "comments" and I would be happy to help you.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.