Pipeline Permissions - Update Pipeline Permisions For Resources

Reference

Service:: Approvals And Checks

API Version:: 7.1-preview.1

Batch API to authorize/unauthorize a list of definitions for a multiple resources.

PATCH https://dev.azure.com/{organization}/{project}/_apis/pipelines/pipelinepermissions?api-version=7.1-preview.1

URI Parameters

Name	In	Required	Type	Description
organization	path	True	string	The name of the Azure DevOps organization.
project	path	True	string	Project ID or project name
api-version	query	True	string	Version of the API to use. This should be set to '7.1-preview.1' to use this version of the api.

Request Body

Name	Type	Description
body	ResourcePipelinePermissions[]

Responses

Name	Type	Description
200 OK	ResourcePipelinePermissions[]	successful operation

Security

oauth2

Type: oauth2
Flow: accessCode
Authorization URL: https://app.vssps.visualstudio.com/oauth2/authorize&response_type=Assertion
Token URL: https://app.vssps.visualstudio.com/oauth2/token?client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer

Scopes

Name	Description
vso.pipelineresources_manage	Grants the ability to manage a protected resource or a pipeline's request to use a protected resource: agent pool, environment, queue, repository, secure files, service connection, and variable group

Examples

Sample Request

HTTP

PATCH https://dev.azure.com/{organization}/{project}/_apis/pipelines/pipelinepermissions?api-version=7.1-preview.1

[
  {
    "resource": {
      "type": "queue",
      "id": "1",
      "name": "Default"
    },
    "pipelines": [
      {
        "id": 16,
        "authorized": true
      }
    ]
  },
  {
    "resource": {
      "type": "environment",
      "id": "1",
      "name": "SampleEnv"
    },
    "pipelines": [
      {
        "id": 16,
        "authorized": true
      }
    ]
  }
]

Sample Response

Status code:: 200

request-Context: appId=cid-v1:a892bfef-0287-4640-9f5e-cffc90fbcf94
access-Control-Expose-Headers: Request-Context

Response Body

{
  "count": 2,
  "value": [
    {
      "resource": {
        "type": "queue",
        "id": "1"
      },
      "pipelines": [
        {
          "id": 6,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-01-02T08:59:48.77Z"
        },
        {
          "id": 15,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-19T08:14:49.26Z"
        },
        {
          "id": 16,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-20T15:10:54.187Z"
        }
      ]
    },
    {
      "resource": {
        "type": "environment",
        "id": "1"
      },
      "pipelines": [
        {
          "id": 6,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-04-20T09:31:06.023Z"
        },
        {
          "id": 11,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-07-21T14:07:21.353Z"
        },
        {
          "id": 15,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-19T08:14:47.323Z"
        },
        {
          "id": 16,
          "authorized": true,
          "authorizedBy": {
            "displayName": "User Name",
            "id": "3b3db741-9d03-4e32-a7c0-6c3dfc2013c1",
            "uniqueName": "uniqueName",
            "descriptor": "Descriptor"
          },
          "authorizedOn": "2020-11-20T15:33:01.793Z"
        }
      ]
    }
  ]
}

Definitions

Name	Description
IdentityRef
Permission
PipelinePermission
ReferenceLinks	The class to represent a collection of REST reference links.
Resource
ResourcePipelinePermissions

IdentityRef

Name	Type	Description
_links	ReferenceLinks	This field contains zero or more interesting links about the graph subject. These links may be invoked to obtain additional relationships or more detailed information about this graph subject.
descriptor	string	The descriptor is the primary way to reference the graph subject while the system is running. This field will uniquely identify the same graph subject across both Accounts and Organizations.
directoryAlias	string	Deprecated - Can be retrieved by querying the Graph user referenced in the "self" entry of the IdentityRef "_links" dictionary
displayName	string	This is the non-unique display name of the graph subject. To change this field, you must alter its value in the source provider.
id	string
imageUrl	string	Deprecated - Available in the "avatar" entry of the IdentityRef "_links" dictionary
inactive	boolean	Deprecated - Can be retrieved by querying the Graph membership state referenced in the "membershipState" entry of the GraphUser "_links" dictionary
isAadIdentity	boolean	Deprecated - Can be inferred from the subject type of the descriptor (Descriptor.IsAadUserType/Descriptor.IsAadGroupType)
isContainer	boolean	Deprecated - Can be inferred from the subject type of the descriptor (Descriptor.IsGroupType)
isDeletedInOrigin	boolean
profileUrl	string	Deprecated - not in use in most preexisting implementations of ToIdentityRef
uniqueName	string	Deprecated - use Domain+PrincipalName instead
url	string	This url is the full route to the source resource of this graph subject.

Permission

Name	Type	Description
authorized	boolean
authorizedBy	IdentityRef
authorizedOn	string

PipelinePermission

Name	Type	Description
authorized	boolean
authorizedBy	IdentityRef
authorizedOn	string
id	integer

ReferenceLinks

The class to represent a collection of REST reference links.

Name	Type	Description
links	object	The readonly view of the links. Because Reference links are readonly, we only want to expose them as read only.

Resource

Name	Type	Description
id	string	Id of the resource.
name	string	Name of the resource.
type	string	Type of the resource.

ResourcePipelinePermissions

Name	Type	Description
allPipelines	Permission
pipelines	PipelinePermission[]
resource	Resource