Personal Access Tokens and VSTS APIs

API, TFS, Visual Studio Online
One of the great features of Visual Studio Team Services (VSTS) and Team Foundation Server (TFS) is its extensibility model. I am specifically referring to the REST APIs that Microsoft has started making available for their platform. Until recently, you had two options for authenticating with the REST APIs:Basic Authentication – requires that you enable alternate credentials on your VSTS/TFS account, Base64-encode them and send them “over the wire” along with your REST API call. This approach is simple though not very secure since your credentials are not encrypted “at rest” (though they are encrypted when used since the APIs utilize HTTPS at the transport layer). You can read more about using Basic Authentication with the REST APIs here.OAuth – this is a more secure approach than Basic Authentication, however…
Read More