Share via

Pipeline Permissions - Update Pipeline Permisions For Resources

  • Reference
Service:
Approvals And Checks
API Version:
7.1-preview.1

Batch API to authorize/unauthorize a list of definitions for a multiple resources.

PATCH https://dev.azure.com/{organization}/{project}/_apis/pipelines/pipelinepermissions?api-version=7.1-preview.1

URI Parameters

Name In Required Type Description
organization
 path True

string

The name of the Azure DevOps organization.
project
 path True

string

Project ID or project name
api-version
 query True

string

Version of the API to use. This should be set to '7.1-preview.1' to use this version of the api.

Request Body

Name Type Description
body

ResourcePipelinePermissions[]

Responses

Name Type Description
200 OK

ResourcePipelinePermissions[]

successful operation

Security

oauth2

Type: oauth2
Flow: accessCode
Authorization URL: https://app.vssps.visualstudio.com/oauth2/authorize&response_type=Assertion
Token URL: https://app.vssps.visualstudio.com/oauth2/token?client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer

Scopes

Name Description
vso.pipelineresources_manage Grants the ability to manage a protected resource or a pipeline's request to use a protected resource: agent pool, environment, queue, repository, secure files, service connection, and variable group

Examples

Sample request

PATCH https://dev.azure.com/{organization}/{project}/_apis/pipelines/pipelinepermissions?api-version=7.1-preview.1

[
  {
    "resource": {
      "type": "queue",
      "id": "1",
      "name": "Default"
    },
    "pipelines": [
      {
        "id": 16,
        "authorized": true
      }
    ]
  },
  {
    "resource": {
      "type": "environment",
      "id": "1",
      "name": "SampleEnv"
    },
    "pipelines": [
      {
        "id": 16,
        "authorized": true
      }
    ]
  }
]

Sample response

Status code:
200 
request-Context: appId=cid-v1:a892bfef-0287-4640-9f5e-cffc90fbcf94
access-Control-Expose-Headers: Request-Context
{
  "count": 2,
  "value": [
    {
      "resource": {
        "type": "queue",
        "id": "1"
      },
      "pipelines": [
        {
          "id": 6,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-01-02T08:59:48.77Z"
        },
        {
          "id": 15,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-19T08:14:49.26Z"
        },
        {
          "id": 16,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-20T15:10:54.187Z"
        }
      ]
    },
    {
      "resource": {
        "type": "environment",
        "id": "1"
      },
      "pipelines": [
        {
          "id": 6,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-04-20T09:31:06.023Z"
        },
        {
          "id": 11,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-07-21T14:07:21.353Z"
        },
        {
          "id": 15,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-19T08:14:47.323Z"
        },
        {
          "id": 16,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-20T15:33:01.793Z"
        }
      ]
    }
  ]
}

Definitions

Name Description
IdentityRef
Permission
PipelinePermission
ReferenceLinks

The class to represent a collection of REST reference links.
Resource
ResourcePipelinePermissions

IdentityRef

Name Type Description
_links

ReferenceLinks

This field contains zero or more interesting links about the graph subject. These links may be invoked to obtain additional relationships or more detailed information about this graph subject.
descriptor

string

The descriptor is the primary way to reference the graph subject while the system is running. This field will uniquely identify the same graph subject across both Accounts and Organizations.
directoryAlias

string

Deprecated - Can be retrieved by querying the Graph user referenced in the "self" entry of the IdentityRef "_links" dictionary
displayName

string

This is the non-unique display name of the graph subject. To change this field, you must alter its value in the source provider.
id

string

imageUrl

string

Deprecated - Available in the "avatar" entry of the IdentityRef "_links" dictionary
inactive

boolean

Deprecated - Can be retrieved by querying the Graph membership state referenced in the "membershipState" entry of the GraphUser "_links" dictionary
isAadIdentity

boolean

Deprecated - Can be inferred from the subject type of the descriptor (Descriptor.IsAadUserType/Descriptor.IsAadGroupType)
isContainer

boolean

Deprecated - Can be inferred from the subject type of the descriptor (Descriptor.IsGroupType)
isDeletedInOrigin

boolean

profileUrl

string

Deprecated - not in use in most preexisting implementations of ToIdentityRef
uniqueName

string

Deprecated - use Domain+PrincipalName instead
url

string

This url is the full route to the source resource of this graph subject.

Permission

Name Type Description
authorized

boolean

authorizedBy

IdentityRef

authorizedOn

string

PipelinePermission

Name Type Description
authorized

boolean

authorizedBy

IdentityRef

authorizedOn

string

id

integer

The class to represent a collection of REST reference links.

Name Type Description
links

object

The readonly view of the links. Because Reference links are readonly, we only want to expose them as read only.

Resource

Name Type Description
id

string

Id of the resource.
name

string

Name of the resource.
type

string

Type of the resource.

ResourcePipelinePermissions

Name Type Description
allPipelines

Permission

pipelines

PipelinePermission[]

resource

Resource