Fluid is a web based hosted application in the Azure cloud.
1. Authentication Request
- Fluid retrieves the Service Principal ID, Tenant ID, Secret from our Azure KeyVault.
2. Constructs an authentication request for Azure Active Directory (Azure AD).
3. Send Authentication Request to Azure AD
- The request is sent to the Azure AD Token Endpoint via HTTPS (https://login.microsoftonline.com/{tenantId}/oauth2/token).
- Resource Scope (Azure DevOps API)
4. Azure AD Validates Credentials
- Azure AD verifies:
- The Service Principal ID and Secret are correct.
- The application has permissions to request an access token for the specified resource.
- If successful, it generates an OAuth access token.
5. Receive Access Token
- Azure AD sends a response back to Fluid containing:
- Access Token (JWT format)
- Token Expiry Time
6. Construct API Request for Azure DevOps
- Fluid Prepares an HTTPS request for Azure DevOps.
- Adds the OAuth access token in the Authorization header:
7. Send Request to Azure DevOps
- The request is sent to Azure DevOps HTTPS REST API (https://dev.azure.com/{organization}/{project}/_apis/...).
8. Azure DevOps Validates the Token
- Azure DevOps validates the access token:
- Ensures it’s not expired.
- Checks if it has the correct permissions (scopes).
- If valid, processes the request.
9. Receive Response from Azure DevOps
- Azure DevOps sends back:
- Requested data.
- Or an error message (e.g., invalid token, insufficient permissions).
10. Fluid Processes the Response
- Parses and processes the response.
- Uses the retrieved data in the Fluid, enriching Fluid entities.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article