PAT Scopes

[joshmeads]

Hey thanks for making this!

Can I please request a small docs update?

It would be very helpful to share the recommended PAT scopes needed for the app functionality. Realistically we don't want to provide "full access" to our tokens but playing the guessing game back and fourth between Azure and the app is a slow process trying to bypass "Unauthorized" errors.

Thanks!

[joshmeads]

So far what I've ended up with is the following:

Build: Read
Code: Read, Status
Graph: Read
Pull Request Threads: Read & Write
Release: Read
Wiki: Read & Write (I don't think this is needed though)
Work Items: Read, Write, Manage

Currently still getting unauthorized on file diffs.

[bkvisiosign]

Did you ever find the scopes for file diff?

[macmiranda]

Same problem on file diff
What call is it making to the API? I'm not very familiar with Dart

Update:
I'm getting permission denied even with a Full Access token (cleared data and logged in again)

[sstasi95]

Hi,

Here's the code.

The api call is _apis/contribution/hierarchyQuery/project/${commit.projectId}, which is not documented as far as I know.

I think project and repository read access is required, but I'm not sure about the PAT scopes required. I would try with 'Code: Full'.