FireDAC Components for Azure DevOps

Build 21.0.7930

Creating a Custom OAuth App

When to Create a Custom OAuth App

Creating a custom OAuth app is required in the web flow. Creating a custom OAuth app is optional for desktop and headless applications; the component is already registered with Azure DevOps and you can connect with its embedded credentials.

You might want to create a custom OAuth app to change the information displayed when users log into the Azure DevOps OAuth endpoint to grant permissions to the component.

Follow the steps below to create a custom OAuth app and obtain the connection properties in a specific OAuth authentication flow.

Create a Custom OAuth App: Desktop

Register an app in the Azure portal to obtain the following connection properties:

  • OAuthClientId
  • OAuthClientSecret
  • CallbackURL
  1. After logging in to the Azure Portal with your account, click Azure Active Directory -> App Registrations.
  2. Click New Registration.
  3. Enter an app name and set the radio button for "Any Azure AD Directory - Multi Tenant". Then set the redirect url to something such as http://localhost:33333, the provider's default. Or, set a different port of your choice and set CallbackURL to the exact reply URL you defined.
  4. On the main page of your app you can find the OAuthClientId. You can generate a OAuthClientSecret in Certificates and Secrets -> Client Secrets.
You must also add permission to use the Azure DevOps API:
  1. In the section, click API permissions -> Add -> Select an API -> Azure DevOps
  2. In the Select Permissions step, enable the user_impersonation permission.

Create a Custom OAuth App: Web Applications

Register your Azure DevOps app on the Azure portal to obtain the following connection properties:

  • OAuthClientId
  • OAuthClientSecret
  1. After logging in to the Azure Portal with your account, click Azure Active Directory -> App Registrations.
  2. Click New Registration.
  3. Enter an app name and set the radio button for "Any Azure AD Directory - Multi Tenant". Set the Sign-on URL you want to use as a trusted redirect URL, where the user will return with the token that verifies that they have granted your app access.
  4. On the main page of your app you can find the OAuthClientId. You can generate a OAuthClientSecret in Certificates and Secrets -> Client Secrets.
You must also add permission to use the Azure DevOps API:
  1. In the section, click API permissions -> Add -> Select an API -> Azure DevOps
  2. In the Select Permissions step, enable the user_impersonation permission.

Create a Custom OAuth App: Headless Machines

Register your Azure DevOps app on the Azure portal to obtain the following connection properties:

  • OAuthClientId
  • OAuthClientSecret
  1. After logging in to the Azure Portal with your account, click Azure Active Directory -> App Registrations.
  2. Click New Registration.
  3. Enter an app name and set the radio button for "Any Azure AD Directory - Multi Tenant". Then set the redirect url to something such as http://localhost:33333, the provider's default. Or, set a different port of your choice and set CallbackURL to the exact reply URL you defined.
  4. On the main page of your app you can find the OAuthClientId. You can generate a OAuthClientSecret in Certificates and Secrets -> Client Secrets.
You must also add permission to use the Azure DevOps API:
  1. In the section, click API permissions -> Add -> Select an API -> Azure DevOps
  2. In the Select Permissions step, enable the user_impersonation permission.

Copyright (c) 2021 CData Software, Inc. - All rights reserved.
Build 21.0.7930