7

I would like to be able to add a public key for SSH access to Azure DevOps via the API but I can't seem to find a way to do it in the doco. Doing it manually via the UI is not feasible since this is for many users and many projects. Thanks

Improve this question
0

2 Answers 2

Reset to default
5

The API is not documented, however we can track it with tools... You can add SSH public keys by calling below REST API:

Write a script to create the SSH keys with the ssh-keygen command for users, please see Use SSH key authentication for details.

Then call the REST API to add the public keys:

POST https://{Account}.visualstudio.com/_details/security/keys/Edit

Content-Type: application/json

Request body:

{"Description":"Test1001","__RequestVerificationToken":"","AuthorizationId":"","Data":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGZyIoG6eH9nTm/Cu2nVDa7hTNfaMWkwayghFmYTvqCkOwao2YJesGVih1fA3oR4tPsVv4+Vr8wxPCfJCboUrL9NDoH1tAMsIlkQZHqgaJwnGNWnPrnp0r2+wjLQJFPq/pPd8xKwr6QU0BxzZ4RuLDfMFz/MR1cQ2iWWKJuO/TXYrSPtY9XqsmMC8Zo4zJln40PGZt+ecOyQCNHCXsEJ3C+QIUXSqAkb8yknZ4apLf1oqfFRngtV4w84Ua/ZLpNduPZrBcm/mCU5Jq6H37jxhx4kluheJrfpAXbvbQlPTKa2zaOHp7wb3B2E2HvESJmx5ExNuAHoygcq/QGjsRsiUR andy@xxx@ws0068"}

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

What kind of authentication are you using? The only thing I can get a 401 with is Basic Auth. All other types of authentication throw a 500.
@andy-li-msft Does this POST method still work? I receive a 400 Bad Request response from the server when attempting this using the exact same method you posted above. I can list keys absolutely fine.
Hey, I'm developing an app that needs to clone the project from azure devops and in order to do so, I really need this endpoint to work. Are there any plans to support this?
I also see a 400 with "Could not add public key". I do not believe this API is supported and/or is disabled
0

If someone is seeing this after 2024, the url for devops has changed to dev.azure.com/orgname

And for the auth part, I just successfully added an SSH key with

ssh-keygen -t rsa
...
TOKEN=$(az account get-access-token | jq -r .accessToken)
KEY=$(cat [keyfile])
http post https://dev.azure.com/[orgname]/_details/security/keys/Edit Authorization:"Bearer $TOKEN" Description="my-new-key" Data="$KEY"

this uses Httpie cli.

I had problems adding the keys via Web UI, and after looking at the API responses it was clear that somehow DevOps had a public key with the signature i was trying to add, but refused to show it in the UI or accept it for Git. So I generated a new key and it worked.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.