Accessing a private NuGet feed from Azure DevOps

Black Metal Padlock

Update: So after posting this my colleague and friend Danielapproached me and showed me the Azure Artifacts Credentials Provider by Microsoft which automates the steps bellow. Be sure to check it out. Thanks, Daniel for showing me this and making my life easier 😃

So lately I was playing around with one of Azure DevOps many features. Namely pushing freshly created NuGet packages to your private feed. Bringing up the question how can I access the feed and authenticate during a NuGet restore process via dotnet restore?

While this blog post shows steps to be taken for Azure DevOps - the same actions are required in the NuGet.config for other sources.

While I knew how to click my way around Visual Studio to do this. Under my Ubuntu Shell, this was not an option. Luckily adding a NuGet feed is quite common knowledge, while the paths differ under Windows and Unix systems you will find it in your home directory under:


Or for Windows that would be:


You can add the feed to your NuGet.config file:

<?xml version="1.0" encoding="utf-8"?>
        <add key="" value="" protocolVersion="3" />
        <add key="NameOfYourFeed" value="path to your nuget/index.json" />

Now for accessing a private NuGet feed, you will have to provide a username and password. You can add them to the config file:

<?xml version="1.0" encoding="utf-8"?>
    <!-- packageSources -->
            <add key="Username" value="gnabber"/>
            <add key="ClearTextPassword" value="YourPassword"/>

The only issue being you probably do not want to store your Azure DevOps password in plain text on a computer. And you shouldn’t do that either. So let’s head back over to Azure DevOps, click on your profile picture and select “Security”. Now generate a new token. Be sure to select “Show all scopes” then under Packaging choose the “Read” permissions.

Image showing the dialog to generate a token for readonly access to your package feed

Copy the generated token and store it in the NuGet.config within the PlainTextPassword field. You can now dotnet restore your packages from the private Package feed.