Enhanced Security Error while Visual Studio Team S

I'm currently trying to use the Rest APIs exposed by Visual Studio Team Services (was Visual Studio Online) to obtain work item information. I seem to be able to connect however when I look at the response to my query its a html page with a Enhanced Security Error message. I believe that this is due to the Enhanced Security option in IE but I'm calling this from my client machine and I can only see options on how to turn this off on a server.

this is the call i'm making

using (var client = new HttpClient())
        {
            var token =     "xxxxxxxxxxxx";
            var apiVersion = "1.0";

            var account = "xxxxxxxx";
            var query = "Select [System.Id] From WorkItems Where[System.WorkItemType] = 'WorkItem' order by [System.CreatedDate] desc";

            var url = "https://" + account + ".visualstudio.com/Core/_apis/wit/";

            // Execute a query that returns work item IDs matching the specified criteria
            using (var request = new HttpRequestMessage(HttpMethod.Post, url + "wiql"))
            {
                request.Headers.Add("Authorization", "Bearer " + token);
                request.Headers.Add("Accept", "application/json;api-version=" + apiVersion);

                Dictionary<string, string> body = new Dictionary<string, string>
            {
                {
                    "query", query
                    }
            };

                request.Content = new StringContent(JsonConvert.SerializeObject(body), Encoding.UTF8, "application/json");

                using (var response = await client.SendAsync(request))
                {
                    var content = await response.Content.ReadAsStringAsync();
                    var workItems = JObject.Parse(content)["workItems"] as JArray;

                    string[] ids = workItems.Select<JToken, string>(w => (w["id"] + "")).Take(10).ToArray<string>();
                    string idsString = String.Join(",", ids);

                    // Get details for the last 10
                    using (var detailsRequest = new HttpRequestMessage(HttpMethod.Get, url + "workitems?ids=" + idsString + "&fields=System.Id,System.Title"))
                    {
                        detailsRequest.Headers.Add("Authorization", "Bearer " + token);
                        detailsRequest.Headers.Add("Accept", "application/json;api-version=" + apiVersion);

                        using (var detailsResponse = await client.SendAsync(detailsRequest))
                        {
                            var detailsContent = await detailsResponse.Content.ReadAsStringAsync();
                            var detailsWorkItems = JObject.Parse(detailsContent)["value"] as JArray;

                            foreach (dynamic workItem in detailsWorkItems)
                            {
                                Console.WriteLine("Work item: {0} ({1})",
                                    workItem.fields["System.Id"],
                                    workItem.fields["System.Title"]
                                );
                            }
                        }
                    }
                }
            }
        }

any help with this would be appreciated,

thanks

Chris

You can add related sites to trusted sites (for example: https://app.vssps.visualstudio.com, https://login.live.com etc…).

Internet option=>Security
Select Trusted sites
Click sites
Type website address and click add

The simple way to know which URLs need to be added, you could send a simple Get Rest request (e.g. get work item REST API), it will pop up a window that contains site URL (will pop up many times for different URL), add these URL to trusted sites list.

Update:

Based on the response result, it isn’t related to enhanced security, the result means it isn’t authenticated. So the token is invalid, it is access token of OAuth, you need to get access token after register your app to VSTS.

More information, you can refer to this article.

There is a OAuth sample that you can refer. After you get access token, add it to request header and retrieve data from VSTS.

If you want to access VSTS through personal access token, the code like this: (check this article)

try
    {
        var username = "username";
        var password = "password";

        using (HttpClient client = new HttpClient())
        {
            client.DefaultRequestHeaders.Accept.Add(
                new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));

            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
                Convert.ToBase64String(
                    System.Text.ASCIIEncoding.ASCII.GetBytes(
                        string.Format("{0}:{1}", username, password))));

            using (HttpResponseMessage response = client.GetAsync(
                        "https://{account}.visualstudio.com/DefaultCollection/_apis/build/builds").Result)
            {
                response.EnsureSuccessStatusCode();
                string responseBody = await response.Content.ReadAsStringAsync();
                Console.WriteLine(responseBody);
            }
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.ToString());
    }