Skip to content

Migrate Create-APIReview script from API Key to Azure AD authentication #9501

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
JoshLove-msft merged 3 commits into from
Jan 29, 2026
Merged

Migrate Create-APIReview script from API Key to Azure AD authentication #9501

JoshLove-msft merged 3 commits into from
Jan 29, 2026
+58 −14

Conversation

Copy link
Contributor

Copilot AI commented Jan 28, 2026
edited
Loading

  • Review Azure SDK PR #13235 pattern for removing API Key authentication
  • Update Create-APIReview.ps1 to remove API Key parameter and add Bearer token authentication
    • Removed $APIKey parameter from script
    • Added Get-ApiViewBearerToken() function that acquires Azure AD tokens via az account get-access-token
    • Updated Upload-SourceArtifact to use Bearer token instead of API Key
    • Updated Upload-ReviewTokenFile to use Bearer token instead of API Key
    • Changed API endpoints from UploadAutoReview to upload and CreateApiReview to create (lowercase)
    • Changed HTTP method from GET to POST for the create endpoint
    • Improved error handling with more detailed error messages
  • Update create-apireview.yml to use AzureCLI@2 task instead of Powershell@2 task
    • Changed task from Powershell@2 to AzureCLI@2
    • Added AzureServiceConnection parameter with default value "APIView prod deployment"
    • Removed -APIKey $(azuresdk-apiview-apikey) argument
    • Removed pwsh: true (not needed with AzureCLI@2)
    • Added azureSubscription, scriptType, and scriptLocation inputs
  • Address security concern: removed potentially sensitive token response from error logging
Original prompt

This section details on the original issue you should resolve

<issue_title>Stop using Api Key in Create-ApiReview script</issue_title>
<issue_description>We can follow the same pattern as used in Azure/azure-sdk-tools#13235

And apply those changes to https://github.com/microsoft/typespec/blob/main/eng/emitters/scripts/Create-APIReview.ps1

Also need to update https://github.com/microsoft/typespec/blob/main/eng/emitters/pipelines/templates/steps/create-apireview.yml</issue_description>

Comments on the Issue (you are @copilot in this section)

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@JoshLove-msft
Remove API Key authentication from Create-APIReview script and switch…
4523f89 
… to Azure AD Bearer token

Co-authored-by: JoshLove-msft <[email protected]>
Copilot AI changed the title [WIP] Stop using API key in Create-APIReview script Migrate Create-APIReview script from API Key to Azure AD authentication Jan 28, 2026
Copilot AI requested a review from JoshLove-msft January 28, 2026 23:37
@JoshLove-msft JoshLove-msft marked this pull request as ready for review January 28, 2026 23:59
jorgerangel-msft
jorgerangel-msft reviewed Jan 29, 2026
View reviewed changes
@JoshLove-msft JoshLove-msft added this pull request to the merge queue Jan 29, 2026
Merged via the queue into main with commit 6939163 Jan 29, 2026
47 checks passed
@JoshLove-msft JoshLove-msft deleted the copilot/remove-api-key-from-create-apireview branch January 29, 2026 02:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jorgerangel-msft jorgerangel-msft jorgerangel-msft left review comments

@m-nash m-nash m-nash approved these changes

@JoshLove-msft JoshLove-msft Awaiting requested review from JoshLove-msft

@iscai-msft iscai-msft Awaiting requested review from iscai-msft iscai-msft is a code owner

Assignees

@JoshLove-msft JoshLove-msft

Copilot code review Copilot

Labels

eng

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Stop using Api Key in Create-ApiReview script

4 participants

@JoshLove-msft @m-nash @jorgerangel-msft