Added sample for token administration #152
Conversation
|
|
… to "Scopes", inclusion of "CreatedBefore")
…d pagination + improved crossreferencing of shared code snippets
There was a problem hiding this comment.
Hey Kenan :) - I think a few of your new sample methods go beyond just being a "snippet" (i.e. mainly designed for showing 1 API call, and generally designed not to actually do anything "real" --- e.g. the delete sample deletes an artifact created in a previous sample method).
You should consider having 1 sample method per API (e.g. 1 method to get all authorizations, 1 method to delete a specific authorization, etc) and then create a standalone sample project (like https://github.com/Microsoft/vsts-dotnet-samples/tree/master/ServiceHooks/Utilities/Permissions). A standalone project is likely easier to consume and can be as complex or simple as makes sense for what you need to show.
|
If this is still relevant, can you retarget it to |
The TokenAdmin sample shows organization administrators how they can use the VSTS REST APIs to find and revoke personal access tokens (PATs) for users in their organization. It also shows how to create revocation rules that prevent access through other OAuth credentials, such as self-describing session tokens. The sample is written using our C# client libraries, but is commented with the HTTP calls that administrators can make to perform these same operations directly over the wire.
The methods in this sample, and the endpoints they cover are:
GetPersonalAccessTokenDetailsForUsersInYourOrganization
GET /_apis/tokenAdmin/personalAccessTokens/{subjectDescriptor}RevokePersonalAccessTokensForUsersInYourOrganization
POST /_apis/tokenAdmin/revocationsRevokeSelfDescribingSessionTokensForUsersInYourOrganization
POST /_apis/tokenAdmin/revocationRules