Build Self-Service Pipeline to Deploy Self-Hosted Environment Agents on Azure Workloads — The Token Phase

Gijs Reijn
10 min readApr 15, 2024

What constantly still struck me, is the fact that when you deploy a self-hosted Windows environment agent from Azure DevOps Services, it only supports Personal Access Tokens (PAT).

Figure 1 — Authentication options for Windows Agent

Yeah, you can probably relate to it, and it is still unfortunately the only option available in 2024.

Although I have installed countless agents onto environments, it was always done manually and if there is one thing that I don’t like doing, is repetitive steps over and over again by hand…

With more focus on platform engineering practices these days, I wondered how to build a self-service capability to deploy an environment agent onto Azure workloads, especially Windows.

That’s where the idea struck, why not use the same tool to deploy environment agents using a pipeline and leverage its API to do some tricks…

In this step-by-step article, you will learn how to use the REST API of Azure DevOps Services by creating PAT in a programmatical fashion.

When you’ve got the PAT, you can register environment agents, which are those resource types in environments you can add to an Azure Virtual Machine.

--

--

Gijs Reijn

Providing tips, tricks, best practices, solutions, and nonsense that might help your IT workday thrive.