add_membership
Create a new membership between a container and subject.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
containerDescriptor (required)
A descriptor to a group that can be the container in the relationship.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
A descriptor to a group or user that can be the child subject in the relationship.
Type: string
create_group
Create a new Azure DevOps group or materialize an existing AAD group.
The body of the request must be a derived type of GraphGroupCreationContext:
- GraphGroupVstsCreationContext - Create a new Azure DevOps group that is not backed by an external provider.
- GraphGroupMailAddressCreationContext - Create a new group using the mail address as a reference to an existing group from an external AD or AAD backed provider.
- GraphGroupOriginIdCreationContext - Create a new group using the OriginID as a reference to a group from an external AD or AAD backed provider.
Optionally, you can add the newly created group as a member of an existing Azure DevOps group and/or specify a custom storage key for the group.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
$body
The subset of the full graph group used to uniquely find the graph subject in an external provider.
Type: object
{
"storageKey" : "Optional: If provided, we will use this identifier for the storage key of the created group"
}
groupDescriptors
A comma separated list of descriptors referencing groups you want the graph group to join
Type: array (string)
scopeDescriptor
A descriptor referencing the scope (collection, project) in which the group should be created. If omitted, will be created in the scope of the enclosing account or organization. Valid only for VSTS groups.
Type: string
create_user
Materialize an existing AAD or MSA user into the VSTS account.
NOTE: Created users are not active in an account unless they have been explicitly assigned a parent group at creation time or have signed in and been autolicensed through AAD group memberships.
Adding a user to an account is required before the user can be added to VSTS groups or assigned an asset.
The body of the request must be a derived type of GraphUserCreationContext:
- GraphUserMailAddressCreationContext - Create a new user using the mail address as a reference to an existing user from an external AD or AAD backed provider.
- GraphUserOriginIdCreationContext - Create a new user using the OriginID as a reference to an existing user from an external AD or AAD backed provider.
- GraphUserPrincipalNameCreationContext - Create a new user using the principal name as a reference to an existing user from an external AD or AAD backed provider.
If the user to be added corresponds to a user that was previously deleted, then that user will be restored.
Optionally, you can add the newly created user as a member of an existing VSTS group and/or specify a custom storage key for the user.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
$body
A superset of the full graph user used to uniquely find the graph subject in an external provider. Please fill out either the originId/origin, mailAddress, or principalName fields.
Type: object
{
"originId" : "This should be the object id or sid of the user from the source AD or AAD provider. Example: d47d025a-ce2f-4a79-8618-e8862ade30dd Team Services will communicate with the source provider to fill all other fields on creation.",
"origin" : "This should be the name of the origin provider. Example: github.com",
"mailAddress" : "string",
"principalName" : "This should be the principal name or upn of the user in the source AD or AAD provider. Example: jamal@contoso.com Team Services will communicate with the source provider to fill all other fields on creation."
}
groupDescriptors
A comma separated list of descriptors of groups you want the graph user to join
Type: array (string)
delete_avatar
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
Type: string
delete_group
Removes an Azure DevOps group from all of its parent groups.
The group will still be visible, but membership checks for the group, and all descendants which derive membership through it, will return false.”
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
groupDescriptor (required)
The descriptor of the group to delete.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
delete_membership
Deletes a membership between a container and subject.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
containerDescriptor (required)
A descriptor to a group that is the container in the relationship.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
A descriptor to a group or user that is the child subject in the relationship.
Type: string
delete_user
Disables a user.
The user will still be visible, but membership checks for the user will return false.”
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
userDescriptor (required)
The descriptor of the user to delete.
Type: string
get_avatar
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
Type: string
format
Type: string
size
Type: string
Potential values: small, medium, large
get_descriptors
Resolve a storage key to a descriptor
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
storageKey (required)
Storage key of the subject (user, group, scope, etc.) to resolve
Type: uuid
get_group
Get a group by its descriptor.
The group will be returned even if it has been deleted from the account or has had all its memberships deleted.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
groupDescriptor (required)
The descriptor of the desired graph group.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
get_identity_translation
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
localId
Type: string
masterId
Type: string
get_membership
Get a membership relationship between a container and subject.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
containerDescriptor (required)
A descriptor to the container in the relationship.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
A descriptor to the child subject in the relationship.
Type: string
get_membership_state
Check whether a subject is active or inactive.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
Descriptor of the subject (user, group, scope, etc.) to check state of
Type: string
get_provider_info
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
userDescriptor (required)
Type: string
get_storage_key
Resolve a descriptor to a storage key.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
Type: string
get_user
Get a user by its descriptor.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
userDescriptor (required)
The descriptor of the desired user.
Type: string
list_groups
Gets a list of all groups in the current scope (usually organization or account).
The optional parameters are used to filter down the returned results. Returned results are in no guaranteed order.
Since the list of groups may be large, results are returned in pages of groups. If there are more results than can be returned in a single page, the result set will contain a continuation token for retrieval of the next set of results.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
continuationToken
An opaque data blob that allows the next page of data to resume immediately after where the previous page ended. The only reliable way to know if there is more data left is the presence of a continuation token.
Type: string
scopeDescriptor
Specify a non-default scope (collection, project) to search for groups.
Type: string
subjectTypes
A comma separated list of user subject subtypes to reduce the retrieved results, e.g. Microsoft.IdentityModel.Claims.ClaimsIdentity
Type: array (string)
list_memberships
Get all the memberships where this descriptor is a member in the relationship.
The default value for direction is 'up' meaning return all memberships where the subject is a member (e.g. all groups the subject is a member of). Alternatively, passing the direction as 'down' will return all memberships where the subject is a container (e.g. all members of the subject group).
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
Fetch all direct memberships of this descriptor.
Type: string
depth
The maximum number of edges to traverse up or down the membership tree. Currently the only supported value is '1'.
Type: integer
direction
Defaults to Up.
Type: string
Potential values: unknown, down, up
list_users
Get a list of all users in a given scope.
Since the list of users may be large, results are returned in pages of users. If there are more results than can be returned in a single page, the result set will contain a continuation token for retrieval of the next set of results.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
continuationToken
An opaque data blob that allows the next page of data to resume immediately after where the previous page ended. The only reliable way to know if there is more data left is the presence of a continuation token.
Type: string
scopeDescriptor
Specify a non-default scope (collection, project) to search for users.
Type: string
subjectTypes
A comma separated list of user subject subtypes to reduce the retrieved results, e.g. msa’, ‘aad’, ‘svc’ (service identity), ‘imp’ (imported identity), etc.
Type: array (string)
lookup_subjects
Resolve descriptors to users, groups or scopes (Subjects) in a batch.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
$body
A list of descriptors that specifies a subset of subjects to retrieve. Each descriptor uniquely identifies the subject across all instance scopes, but only at a single point in time.
Type: object
{
"lookupKeys" : [ {
"descriptor" : "string"
} ]
}
query
Search for Azure Devops users, or/and groups. Results will be returned in a batch with no more than 100 graph subjects.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
$body
The query that we'll be using to search includes the following: Query: the search term. The search will be prefix matching only. SubjectKind: "User" or "Group" can be specified, both or either ScopeDescriptor: Non-default scope can be specified, i.e. project scope descriptor
Type: object
{
"query" : "Search term to search for Azure Devops users or/and groups",
"subjectKind" : [ "string" ],
"scopeDescriptor" : "Optional parameter. Specify a non-default scope (collection, project) to search for users or groups within the scope."
}
request_access
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
$body
Represents an abstract JSON token.
Type: object
{
"next" : "JToken",
"parent" : "Gets or sets the parent.",
"path" : "Gets the path of the JSON token.",
"item" : "JToken",
"last" : "JToken",
"previous" : "JToken",
"root" : "JToken",
"hasValues" : "Gets a value indicating whether this token has child tokens.",
"type" : "Gets the node type for this JToken.",
"first" : "JToken"
}
set_avatar
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
subjectDescriptor (required)
Type: string
$body
Type: object
{
"timeStamp" : "date-time",
"size" : "string. Possible values: small | medium | large",
"isAutoGenerated" : "boolean",
"value" : [ "byte" ]
}
update_group
Update the properties of an Azure DevOps group.
Currently limited to only changing the description and account name.
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
groupDescriptor (required)
The descriptor of the group to modify.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
$body
The JSON+Patch document containing the fields to alter.
Type: object
{ }
update_user
Map an existing user to a different identity
Parameters
api-version (required)
Version of the API to use. This should be set to '6.1-preview.1' to use this version of the api.
Type: string
organization (required)
The name of the Azure DevOps organization.
Type: string
userDescriptor (required)
the descriptor of the user to update
Type: string
$body
The subset of the full graph user used to uniquely find the graph subject in an external provider.
Type: object
{ }