Introduction
This document shows an example of what needs to be done on Azure DevOps to make it integration-ready with an endpoint in your ONEiO subscription.
In case you have questions related to setting up the integration, send an email to support@oneio.cloud.
You can sign up for a free trial of ONEiO from the following link: ONEiO Free Trial
Overview
This article gives an overview of the required steps to integrate ONEiO and Azure DevOps. In this guide, we cover the following steps required for bi-directional communication between ONEiO and Azure DevOps.
- Configure Service Hooks in Azure DevOps for Integration with ONEiO
- Generate Personal Access Token (PAT) for ONEiO Integration with Azure DevOps
- Register Daemon App in Microsoft Enterprise ID for OAuth Authentication
- Configure ADO endpoint in ONEIO
Sending messages from Azure DevOps to ONEiO
Configure Service Hooks in Azure DevOps for Integration with ONEiO
To send messages from Azure DevOps to ONEiO we need to create two Service Hooks with the Webhook set as the service. For triggers, we will use the "Work item created" and the "Work item updated events and any filters you would like to employ additionally. The settings for the action should specify the URL which comes from the ONEiO app. For reference please use the "[Your Azure DevOps] -> ONEiO" section of the endpoint configuration guide. Using the "Copy Receiver URL to clipboard" function in ONEiO may be helpful to generate the URL and the authentication token altogether. The rest of the settings can be left unchanged as default.
You may also find the webhook "Test" function useful to verify the messages are reaching ONEiO before proceeding with event testing.
Sending messages from ONEiO to Azure DevOps
Generate Personal Access Token (PAT) for ONEiO Integration with Azure DevOps
To send messages from ONEiO to Azure DevOps, the user dedicated to the integration needs to generate a Personal Access Token and the details inserted into the ONEiO app.
The token scope "Work Items" with "Read & write" should cover the entities supported by the integration.
Once created the value of the token can be saved in the ONEiO app.
Register Daemon App in Microsoft Enterprise ID for OAuth Authentication
Microsoft Entra ID
To be able to use OAuth for authentication first, we would need to register an app in Microsoft Entra ID. The most suitable for integration with ONEiO is a daemon type of app. Please make sure the app is in the same directory as your Azure DevOps instance.
Next, we would need to generate the client secret.
We'll need the value to configure the endpoint in ONEiO so keep it handy.
Now in the API permission section, we define the scope our app can work with
You can go with user impersonation but we would recommend restricting the app to the vso.work_write permission if you need the integration with ADO work items. After granting admin consent if required locate the permission in question and note the resource App ID.
Lastly in the Overview section endpoints tab locate and save the OAuth 2.0 (v2) token endpoint URI
As a result of these actions, you should now have available:
- App name
- Client ID
- Client Secret
- Resource App ID
- Token endpoint URI
Please note them down for the next step in the ONEiO app.
Configure ADO endpoint in ONEIO
In the endpoint editor's outbound section, we can now fill in the details (choosing OAuth as a method).
You can copy all the values as they are except for the scope where the value is the Resource App Id + /.default (499b84ac-1321-427f-aa17-267ca6975798/.default for example).
ADO
The very last step is in the instance of ADO itself. We now need to add the app as a Service Principal.
Comments
Please sign in to leave a comment.