diff --git a/pr_agent/git_providers/azuredevops_provider.py b/pr_agent/git_providers/azuredevops_provider.py
index d9c09d3b..3e98fbd3 100644
--- a/pr_agent/git_providers/azuredevops_provider.py
+++ b/pr_agent/git_providers/azuredevops_provider.py
@@ -10,7 +10,7 @@ from .git_provider import GitProvider
 from pr_agent.algo.types import EDIT_TYPE, FilePatchInfo
 
 AZURE_DEVOPS_AVAILABLE = True
-MEX_PR_DESCRIPTION_LENGTH = 4000-1
+MAX_PR_DESCRIPTION_LENGTH = 4000-1
 
 try:
     # noinspection PyUnresolvedReferences
@@ -325,9 +325,9 @@ class AzureDevopsProvider(GitProvider):
             )
 
     def publish_description(self, pr_title: str, pr_body: str):
-        if len(pr_body) > MEX_PR_DESCRIPTION_LENGTH:
+        if len(pr_body) > MAX_PR_DESCRIPTION_LENGTH:
             trunction_message = " ... (description truncated due to length limit)" 
-            pr_body = pr_body[:MEX_PR_DESCRIPTION_LENGTH - len(trunction_message)] + trunction_message
+            pr_body = pr_body[:MAX_PR_DESCRIPTION_LENGTH - len(trunction_message)] + trunction_message
             get_logger().warning(
                 "PR description exceeds the maximum character limit of 4000. Truncating the description."
             )
diff --git a/pr_agent/servers/azuredevops_server_webhook.py b/pr_agent/servers/azuredevops_server_webhook.py
index e81501e9..f10e0de7 100644
--- a/pr_agent/servers/azuredevops_server_webhook.py
+++ b/pr_agent/servers/azuredevops_server_webhook.py
@@ -5,9 +5,9 @@
 import json
 import os
 import re
-
 import uvicorn
-from fastapi import APIRouter, FastAPI
+from fastapi import APIRouter, Depends, FastAPI
+from fastapi.security import HTTPBasic, HTTPBasicCredentials
 from fastapi.encoders import jsonable_encoder
 from starlette import status
 from starlette.background import BackgroundTasks
@@ -19,7 +19,6 @@ from starlette_context.middleware import RawContextMiddleware
 from pr_agent.agent.pr_agent import PRAgent, command2class
 from pr_agent.config_loader import get_settings
 from pr_agent.log import get_logger
-import base64
 
 router = APIRouter()
 available_commands_rgx = re.compile(r"^\/(" + "|".join(command2class.keys()) + r")\s*")
@@ -93,14 +92,20 @@ async def handle_webhook(background_tasks: BackgroundTasks, request: Request):
 # currently only basic auth is supported with azure webhooks
 # for this reason, https must be enabled to ensure the credentials are not sent in clear text
 def validate_basic_auth(request: Request):
-    auth = request.headers.get("Authorization")
-    if not auth:
-        return False
-    if not auth.startswith("Basic "):
-        return False
-    decoded_auth = base64.b64decode(auth.split(" ")[1]).decode()
-    username, password = decoded_auth.split(":")
-    return username == WEBHOOK_USERNAME and password == WEBHOOK_PASSWORD
+    try:
+        auth = request.headers.get("Authorization")
+        if not auth:
+            return False
+        if not auth.startswith("Basic "):
+            return False
+        security = HTTPBasic()
+        credentials: HTTPBasicCredentials = Depends(security)
+        username = credentials.username
+        password = credentials.password
+        return username == WEBHOOK_USERNAME and password == WEBHOOK_PASSWORD
+    except:
+        get_logger().error("Failed to validate basic auth")
+        return False 
 
 def start():
     app = FastAPI(middleware=[Middleware(RawContextMiddleware)])