[Question]: What authentication methods are supported for InvokeRESTAPI?

[jennings]

Task name

InvokeRESTAPI

Task version

1

Environment type (Please select at least one enviroment where you face this issue)

• Self-Hosted
• Microsoft Hosted
• VMSS Pool
• Container

Azure DevOps Server type

dev.azure.com (formerly visualstudio.com)

Azure DevOps Server Version (if applicable)

No response

Operation system

N/A

Question

The documentation is unclear how InvokeRESTAPI authenticates to the server it's sending a request to. Generic service credentials have separate username and password fields, but neither the credential nor InvokeRESTAPI specify whether they will always be used with HTTP Basic authentication, or if there's any way to use the Bearer scheme, or something else.

I looked up the InvokeRESTAPI task but found there's no actual code here, just a HttpRequest block since it's a server side task. Then I found the server side task authoring documentation, but it says only:

EndpointId: - EndpointId that should be used to generate the authentication header.

The documentation should specify exactly how authentication is handled, even if the answer is, "Only HTTP Basic authentication is supported".

[github-actions]

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

[jennings]

I am still interested in this answer.

[ojecborec]

Both username and password/token fields are optional. It would be nice if bearer authentication was supported when only token field was present.