question

learner-7696 avatar image
0 Votes"
learner-7696 asked tbgangav-MSFT answered

An error occurred while creating the source control named 'devops'. Error details:SourceControl securityToken is invalid..

I'm trying add Azure Devops repo for Runbook sync into Azure Automation Accounts. I followed steps in this guide: https://docs.microsoft.com/en-us/azure/automation/source-control-integration
System managed identity has required role assigned. After supplying values for the 'Source Control' +Add form Authentication successful but finally it fails with message:
'SourceControls securityToken in invalid'. Picture is attached. Please, help me if you have already encountered this problem and how did you resolve it?193277-screen-shot-2022-04-14-at-82007-pm.png


azure-automation
screen-shot-2022-04-14-at-82007-pm.png (803.2 KiB)
· 4
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

tbgangav-MSFT avatar image tbgangav-MSFT ·

Hi @learner-7696,

I have tried to reproduce the issue in my lab but it was successful as shown in below screenshot.

Looks like it is similar to this issue so if possible disable conditional access policies if you have any in your environment and test if you are able to resolve the error.

On the other hand, I will reach out to internal team to get latest update on this related feature request and will get back to you as I hear more information.


193518-image.png

0 Votes 0 ·
image.png (30.0 KiB)
tbgangav-MSFT avatar image tbgangav-MSFT ·

Hi @learner-7696,

Did you get chance to check my earlier response? Let me know if you were able to resolve the issue or else if have any further queries with regards to it.

On the other hand, I am yet to hear back from internal product team on this feature request. I will get back to you as I hear more information.

0 Votes 0 ·
ChrisAtMAF avatar image ChrisAtMAF tbgangav-MSFT ·

@tbgangav-MSFT @learner-7696

Had the same error today - I found that I needed to enable the 'Third-party application access via OAuth' in Azure DevOps / Organization Settings / Policies / Application connection policies

Apparently this policy is 'defaulted to off for all new organizations.'

https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/change-application-access-policies?view=azure-devops#application-connection-policies

It would be good if the Azure Automation documentation could be updated to reflect this necessary prerequisite.

0 Votes 0 ·
tbgangav-MSFT avatar image tbgangav-MSFT ChrisAtMAF ·

@ChrisAtMAF Thanks for the insights here. Sure, I will update the Azure Automation document and ping you back here in couple of days.

0 Votes 0 ·

1 Answer

tbgangav-MSFT avatar image
0 Votes"
tbgangav-MSFT answered

<<Resurfacing or summarizing the information shared over comments section, so it helps broader community users.>>

Thanks to @ChrisAtMAF for providing insights around the error "SourceControl securityToken is invalid". As per this Azure docs github issue, this Azure document is now updated with the details around the same i.e.,

According to this Azure DevOps documentation, "Third-party application access via OAuth" policy is defaulted to "off" for all new organizations. So if you try to configure source control in Azure Automation with "Azure Devops (Git)" as source control type without enabling "Third-party application access via OAuth" under Policies tile of Organization Settings in Azure DevOps then you might get "SourceControl securityToken is invalid" error. Hence to avoid this error, make sure you first enable "Third-party application access via OAuth" under Policies tile of Organization Settings in Azure DevOps.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.