OAuth Authentication for Visual Studio IDE Extension to Access Duo Agent Platform

Problem to Solve

A customer is trying to eliminate Personal Access Token (PAT) usage across their organization for security and compliance reasons. Currently, developers need to use PATs to connect Visual Studio to GitLab for Duo Agent Platform (DAP), which creates a security and compliance issue.

Proposal

Implement OAuth 2.0 authentication support for the Visual Studio IDE extension to access Duo Agent Platform (DAP) features, eliminating the need for Personal Access Tokens.

Key capabilities needed:

• OAuth 2.0 authentication flow (authorization code with PKCE)
• Support for SSO/MFA policies
• Support for GitLab.com, Self-Managed, and Dedicated instances
• Secure token storage using Visual Studio's native credential management
• Token refresh for long-running IDE sessions

Supported versions:

• Visual Studio 2019 and later
• Visual Studio 2022

Intended Users

• Developers using Visual Studio who need to access DAP features

Further Details

Customer context:

• Customer is trying to eliminate PAT usage across their organization
• Developers currently need PATs to connect Visual Studio to GitLab for DAP
• This creates a security/compliance issue for the organization
• Without this, the customer is essentially blocked on using DAP in their IDE