Sequence diagram for Fluid to DevOps Integration
Fluid is a web based hosted application in the Azure cloud.
1. Authentication Request
Fluid retrieves the Service Principal ID, Tenant ID, Secret from our Azure KeyVault.
2. Constructs an authentication request for Azure Active Directory (Azure AD).
3. Send Authentication Request to Azure AD
The request is sent to the Azure AD Token Endpoint via HTTPS (https://login.microsoftonline.com/{tenantId}/oauth2/token).
Resource Scope (Azure DevOps API)
4. Azure AD Validates Credentials
Azure AD verifies:
The Service Principal ID and Secret are correct.
The application has permissions to request an access token for the specified resource.
If successful, it generates an OAuth access token.
5. Receive Access Token
Azure AD sends a response back to Fluid containing:
Access Token (JWT format)
Token Expiry Time
6. Construct API Request for Azure DevOps
Fluid Prepares an HTTPS request for Azure DevOps.
Adds the OAuth access token in the Authorization header:
7. Send Request to Azure DevOps
The request is sent to Azure DevOps HTTPS REST API (https://dev.azure.com/{organization}/{project}/_apis/...).
8. Azure DevOps Validates the Token
Azure DevOps validates the access token:
Ensures it’s not expired.
Checks if it has the correct permissions (scopes).
If valid, processes the request.
9. Receive Response from Azure DevOps
Azure DevOps sends back:
Requested data.
Or an error message (e.g., invalid token, insufficient permissions).
10. Fluid Processes the Response
Parses and processes the response.
Uses the retrieved data in the Fluid, enriching Fluid entities.