Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure DevOps Services | Azure DevOps Server | Azure DevOps Server 2022
Azure Artifacts enables developers to seamlessly publish packages to feeds and share them privately or publicly, depending on the feed’s visibility settings. This guide walks you through setting up your project and authenticating with your Azure Artifacts feed.
Prerequisites
| Product | Requirements |
|---|---|
| Azure DevOps | - An Azure DevOps organization. - An Azure DevOps project. - An Azure Artifacts feed. - Download and install the .NET SDK version 9.0.200 or later. |
Set up the Azure Artifacts Credential Provider
To authenticate with your feed, you must first install the Azure Credential Provider. Using the tool installer included with dotnet, you can install the credential provider from the CLI using the following command:
dotnet tool install --global Microsoft.Artifacts.CredentialProvider.NuGet.Tool
If your repository-level nuget.config is configured to use only Azure Artifacts sources, run the install command from outside that directory, or explicitly set nuget.org as the source:
dotnet tool install --global Microsoft.Artifacts.CredentialProvider.NuGet.Tool --source https://api.nuget.org/v3/index.json
Optionally, pin the tool to a major version (for example, in container images where reproducibility matters):
dotnet tool install --global Microsoft.Artifacts.CredentialProvider.NuGet.Tool --version 2.* --source https://api.nuget.org/v3/index.json
The first time you perform an operation that requires authentication, you should authenticate by either:
- Running with
--interactiveso dotnet can prompt you to authenticate. - Providing credentials through environment variables (for example, in unattended scenarios).
If interactive authorization is available, navigate to your project directory and run:
dotnet restore --interactive
This command signs you in and acquires a token. After sign-in succeeds, you can run authenticated commands without --interactive until the token expires. See Session token cache locations for more details.
Connect to a feed
Select Artifacts and then select your feed from the dropdown menu.
Select Connect to feed, and then select dotnet from the NuGet section.
Add a nuget.config file to your project. Place it in the same folder as your .csproj or .sln file, and paste the snippet provided in the Project setup section into it. Your nuget.config file should look similar to the following:
Project-scoped feed:
<?xml version="1.0" encoding="utf-8"?> <configuration> <packageSources> <clear /> <add key="<FEED_NAME>" value="https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/nuget/v3/index.json" /> </packageSources> </configuration>Organization-scoped feed:
<?xml version="1.0" encoding="utf-8"?> <configuration> <packageSources> <clear /> <add key="<FEED_NAME>" value="https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/nuget/v3/index.json" /> </packageSources> </configuration>
Sign in to your Azure DevOps collection, and then navigate to your project.
Select Artifacts, and then select your feed from the dropdown menu.
Select Connect to Feed, and then select dotnet from the left.
Add a nuget.config file to your project. Place it in the same folder as your .csproj or .sln file, and paste the snippet provided in the Project setup section into it.
Authenticate using Service Principals
You can use a service principal to authenticate with your Azure Artifacts feed. To do this, set the ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS environment variable as shown below.
This variable should define the feed URL, the service principal’s application (client) ID, and either the certificate subject name or the path to the certificate file (only one of these two is required).
$env:ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS = @'{
"endpointCredentials": [
{
"endpoint": "<FEED_URL>",
"clientId": "<SERVICE_PRINCIPAL_APPLICATION_(CLIENT)_ID>",
"clientCertificateSubjectName": "<SERVICE_PRINCIPAL_CERTIFICATE_NAME>",
"clientCertificateFilePath": "<SERVICE_PRINCIPAL_CERTIFICATE_PATH>"
}
]
}
'@