Nuget Environment using Windows Authentication

David Bown's Avatar

David Bown

09 Jun, 2015 10:39 AM


Is it possible to create an environment for publishing nuget packages to i.e. Nuget Provider and provide windows authentication credentials instead or as well as an API key?

We want to publish to an internal proget server that is configured with windows authentication.

Best regards

  1. Support Staff 1 Posted by Feodor Fitsner on 09 Jun, 2015 05:05 PM

    Feodor Fitsner's Avatar

    Hi Dave,

    Does nuget.exe allows publishing with Windows authentication or you use some other client to do that?

  2. 2 Posted by Dave Bown on 09 Jun, 2015 06:54 PM

    Dave Bown's Avatar


    Nuget.exe does support windows authentication and basic authentication aside from using the api key.

    The source can be set up with nuget source add -name <name of source> -source <source url> -UserName username -Password password which will then automatically authenticate with windows or basic auth credentials as challenged.

    If the UserName and Password aren't supplied then nuget.exe prompts for credentials to use.

    I would hope there would be a way to configure the username and password to be used.


  3. Support Staff 3 Posted by Feodor Fitsner on 09 Jun, 2015 07:31 PM

    Feodor Fitsner's Avatar

    If the solution to support Windows auth for publishing is registering NuGet feed with Windows credentials then you can run this command in AppVeyor environment (say, during "Install" phase). Put username and password into environment variables (or secure variables if you use appveyor.yml) and then:

    nuget source add -name <name of source> -source <source url> -UserName %var_with_username% -Password %var_with_password%
  4. 4 Posted by Dave Bown on 10 Jun, 2015 08:08 AM

    Dave Bown's Avatar


    I tried this as an init script, install script and pre-deployment script and it doesn't work I get the following output (i've obfuscated slightly) when using as a pre-deployment script but it's the same effect with the other stages:

    nuget source add -name myday -source https://************** -UserName %nuget_user% -Password %nuget_password%
    Package Source with Name: myday added successfully.
    nuget list -source myday
    Using credentials from config. UserName: collabco\nugetpub
    Deploying using NuGet provider
    Publishing myday.utility. to https://***********************...
    Error publishing package. NuGet server returned 401: Unauthorized

    I put the nuget list step in to prove that the credentials being stored were working and it correctly lists the packages available.

    I've also double checked the API key used in the NuGet deployment step so I'm at a loss. It seems the NuGet deployment provider doesn't work with the previously established source.

    Next step would be to try and use a deployment PowerShell script but I'm struggling to find any examples anywhere in particular how I determine the path where the packages artefacts will be.


  5. Support Staff 5 Posted by Feodor Fitsner on 10 Jun, 2015 08:13 AM

    Feodor Fitsner's Avatar

    Hi Dave,

    Built-in NuGet deployment provider doesn't support Windows authentication yet (or any other authentication) except API key.

    Try using nuget.exe client with nuget push command directly to publish your packages.

  6. 6 Posted by Dave Bown on 10 Jun, 2015 08:24 AM

    Dave Bown's Avatar

    I think I'd deduced that would be necessary but I'm new to appveyor and can't find any example deployment scripts.

    I know PowerShell reasonably well and obviously I have the packages as artefacts but how do I determine the path in which they are located. Is there a parameter or environment variable available?

  7. Support Staff 7 Posted by Feodor Fitsner on 10 Jun, 2015 08:26 AM

    Feodor Fitsner's Avatar

    Yeah, there is a hash with uploaded artifacts:

    Alternatively, you can just replace AppVeyor's auto-packaging with your own nuget pack ... command and known output dir.

  8. 8 Posted by Dave Bown on 10 Jun, 2015 06:43 PM

    Dave Bown's Avatar

    Thanks for this, did as you suggested with the hash table and it works a treat.

    My deployment script is as follows:

    $pushSource = "<nuget source url here>"
    $apiKey = $env:nuget_apiKey
    $user = $env:nuget_user
    $password = $env:nuget_password

    if ($apiKey -eq "")
    Write-Host "No NuGet server api key provided - so not pushing anything up."

    if ($artifacts.Count -eq 0)
    Write-Host "**** No nupkg files found in artefacts"

    NuGet sources add -Name myday -Source $pushSource -UserName $user -Password $password

    foreach($artifactName in $artifacts.keys)
    NuGet push ($artifacts[$artifactName].path) -Source $pushSource -apiKey $apiKey

  9. Support Staff 9 Posted by Feodor Fitsner on 11 Jun, 2015 01:59 AM

    Feodor Fitsner's Avatar

    Great, thanks for the update.

    Interesting case though - maybe we should add Windows auth support in our built-in NuGet provider...

  10. Ilya Finkelshteyn closed this discussion on 25 Aug, 2018 01:57 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac