Azure DevOps OAuth2 - Error 400 after receiving code call back

Describe the problem/error/question

I am trying to setup an OAuth2 credential to allow me to connect to the Azure DevOps API.

I keep getting error 400 in n8n after authorizing my app in the popup window. The callback with code is received by n8n. But for some reason it is unable to retrieve the token and mark the credential connected.

I have tried Microsoft OAuth2 and the OAuth2 API credential options but I have the same issue

The container display the following message -
OAuth2 authentication successful for new credential

What is the error message (if any)?

HTTP status 400 in a popup window

I just updated to 0.229.0 and now get the error below (thanks for this new feature :slight_smile: )

image

Please share your workflow

  1. Create a new credential (I have tried Microsoft OAuth2 and the OAuth2 API)
  2. Enter the details for Client Id, Client Secret, Auth Url, Auth Token Url, Scope
  3. Click “Connect My Account”
  4. Authorise App
  5. Error 400 in the /callback?code= screen.

If i take the code query param and craft the following POST method in postman I can receive the token and refresh token.

POST https://app.vssps.visualstudio.com/oauth2/token

Headers:
Content-Type: application/x-www-form-urlencoded

Body:
client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
client_assertion={0} - This is the client secret
assertion={1} - This is the code
redirect_uri={2} - This is the n8n callback url

(Select the nodes on your canvas and use the keyboard shortcuts CMD+C/CTRL+C and CMD+V/CTRL+V to copy and paste the workflow.)

Share the output returned by the last node

Information on your n8n setup

  • **n8n version:0.229.0
  • **Database (default: SQLite):Postgres
  • **n8n EXECUTIONS_PROCESS setting (default: own, main):main
  • **Running n8n via (Docker, npm, n8n cloud, desktop app):docker
  • **Operating system:linux

Azure Devops Documentation - Authorize access to REST APIs with OAuth 2.0 - Azure DevOps | Microsoft Learn

Hey @Tarek_Haoula,

That is interesting, From what I understand we will be sending either client_credentials, authorization_code or refresh_token. When you were making the oauth credential did you try using Client Credentials instead of Authorization Code?

Hi Jon,

Thanks for replying.

If I change to client credentials then the OAuth Redirect URL will disappear. I am not sure how this is supposed to work.

I tried creating my on Azure DevOps credentials to try and hard code the grantType however this results in the OAuth Redirect URL field disappearing.

Regards,
Tarek

Hey @Tarek_Haoula,

For the client credentials that makes sense as client credentials don’t do the same redirect process so the redirect url isn’t needed.

At the moment we don’t support jwt-bearer but it looks like the error is saying that client credentials is supported to it might be worth checking what they need for that although it would probably be more of a service account than a user.

We could look at adding the other type in the future if we start to see more requests for it.

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.