Pats - Create
Creates a new personal access token (PAT) for the requesting user.
POST https://vssps.dev.azure.com/{organization}/_apis/tokens/pats?api-version=7.2-preview.1URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
organization
|
path | True |
string |
The name of the Azure DevOps organization. |
|
api-version
|
query | True |
string |
Version of the API to use. This should be set to '7.2-preview.1' to use this version of the api. |
Request Body
| Name | Type | Description |
|---|---|---|
| allOrgs |
boolean |
True, if this personal access token (PAT) is for all of the user's accessible organizations. False, if otherwise (e.g. if the token is for a specific organization) |
| displayName |
string |
The token name |
| scope |
string |
The token scopes for accessing Azure DevOps resources |
| validTo |
string (date-time) |
The token expiration date. If the "Enforce maximum personal access token lifespan" policy is enabled and the provided token expiration date is past the maximum allowed lifespan, it will return back a PAT with a validTo date equal to the current date + maximum allowed lifespan. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
successful operation |
Security
accessToken
Personal access token. Use any value for the user name and the token as the password.
Type:
basic
Examples
Create a new personal access token
Sample request
POST https://vssps.dev.azure.com/{organization}/_apis/tokens/pats?api-version=7.2-preview.1
{
"displayName": "new_token",
"scope": "app_token",
"validTo": "2020-12-01T23:46:23.319Z",
"allOrgs": false
}
Sample response
{
"patToken": {
"displayName": "new_token",
"validTo": "2020-12-01T23:46:23.32Z",
"scope": "app_token",
"targetAccounts": [
"38aaa865-2c70-4bf7-a308-0c6539c38c1a"
],
"validFrom": "2020-11-02T22:56:52.1033333Z",
"authorizationId": "4ab5764f-4193-4f1d-b995-64144880b7d7",
"token": "dip55dwf4vpitomw63jzvomefmi2jluguprzwwqwuc6xq4fhocwq"
},
"patTokenError": "none"
}Definitions
| Name | Description |
|---|---|
|
Pat |
Represents a personal access token (PAT) used to access Azure DevOps resources |
|
Pat |
Encapsulates the request parameters for creating a new personal access token (PAT) |
|
Pat |
Contains the resulting personal access token (PAT) and the error (if any) that occurred during the operation |
|
Session |
The error (if any) that occurred |
PatToken
Represents a personal access token (PAT) used to access Azure DevOps resources
| Name | Type | Description |
|---|---|---|
| authorizationId |
string (uuid) |
Unique guid identifier |
| displayName |
string |
The token name |
| scope |
string |
The token scopes for accessing Azure DevOps resources |
| targetAccounts |
string[] (uuid) |
The organizations for which the token is valid; null if the token applies to all of the user's accessible organizations |
| token |
string |
The unique token string generated at creation |
| validFrom |
string (date-time) |
The token creation date |
| validTo |
string (date-time) |
The token expiration date |
PatTokenCreateRequest
Encapsulates the request parameters for creating a new personal access token (PAT)
| Name | Type | Description |
|---|---|---|
| allOrgs |
boolean |
True, if this personal access token (PAT) is for all of the user's accessible organizations. False, if otherwise (e.g. if the token is for a specific organization) |
| displayName |
string |
The token name |
| scope |
string |
The token scopes for accessing Azure DevOps resources |
| validTo |
string (date-time) |
The token expiration date. If the "Enforce maximum personal access token lifespan" policy is enabled and the provided token expiration date is past the maximum allowed lifespan, it will return back a PAT with a validTo date equal to the current date + maximum allowed lifespan. |
PatTokenResult
Contains the resulting personal access token (PAT) and the error (if any) that occurred during the operation
| Name | Type | Description |
|---|---|---|
| patToken |
The resulting personal access token (PAT) |
|
| patTokenError |
The error (if any) that occurred |
|
| patTokenErrorMessage |
string |
The error message (if any) that occurred |
SessionTokenError
The error (if any) that occurred
| Value | Description |
|---|---|
| accessDenied | |
| authorizationNotFound | |
| deploymentHostNotSupported | |
| disablePatCreationPolicyViolation | |
| displayNameRequired | |
| duplicateHash | |
| failedToIssueAccessToken | |
| failedToReadOrgPolicy | |
| failedToReadTenantPolicy | |
| failedToUpdateAccessToken | |
| fullScopePatPolicyViolation | |
| globalPatPolicyViolation | |
| hostAuthorizationNotFound | |
| invalidAudience | |
| invalidAuthorizationId | |
| invalidClient | |
| invalidClientId | |
| invalidClientType | |
| invalidDisplayName | |
| invalidScope | |
| invalidSource | |
| invalidSourceIP | |
| invalidSubject | |
| invalidTargetAccounts | |
| invalidToken | |
| invalidTokenType | |
| invalidUserId | |
| invalidUserType | |
| invalidValidTo | |
| none | |
| patLifespanPolicyViolation | |
| sourceNotSupported | |
| sshPolicyDisabled | |
| tokenNotFound | |
| userIdRequired |