Using Azure Active Directory authentication
You can configure the NuGetGallery to use Azure Active Directory to manage your accounts.
Create an Azure Active Directory application registration
- On the portal, open the “App registrations” blade.
- Select “New registration”.
- For “Supported account types”, select “Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)”.
⚠ NOTE: This allows any Azure Active Directory or personal account to create an account and publish packages to your on-prem gallery. If you’d like to authenticate with a specific directory (the “Single tenant” option), you will need to make a code change later.
- For “Redirect URI”, select “Web” with the value https://<Your domain>/users/account/authenticate/return.
- Press “Register” to create the application.
- On the “Overview” pane, note down the “Application (client) ID”.
- Navigate to the “Authentication” pane. Under the “Implicit grant” section, enable “ID tokens” and press “Save”.
- Navigate to the “Certificates & secrets” pane and create a new client secret. Note the value of your client secret.
Configure the Gallery
Now that the Azure Active Directory application is ready, let’s configure the NuGetGallery to use your new app:
- Open the NuGetGallery solution using Visual Studio.
- Modify the “Web.config” file in the NuGetGallery project.
- Modify the Auth.AzureActiveDirectoryV2.Enabled setting to true.
- Modify the Auth.AzureActiveDirectoryV2.ClientId setting to the application ID you copied earlier.
- Modify the Auth.AzureActiveDirectoryV2.ClientSecret setting to the client secret you copied earlier.
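The three settings above can be checked before the gallery is deployed. The script below is an added example, not part of the NuGetGallery project; it assumes the settings are stored as <add key="…" value="…" /> entries under <appSettings> in Web.config, and both sample documents, the all-zero client ID and the placeholder secret are constructed.

```python
import re
import xml.etree.ElementTree as ET

PREFIX = "Auth.AzureActiveDirectoryV2."
# The "Application (client) ID" shown on the Overview pane is a GUID.
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

# What each setting must look like after the steps above.
CHECKS = {
    "Enabled": lambda v: v.lower() == "true",
    "ClientId": lambda v: GUID.match(v) is not None,
    "ClientSecret": lambda v: v != "",
}

def check_aad_settings(web_config_xml):
    """Return a list of problems (empty when all three settings are usable)."""
    root = ET.fromstring(web_config_xml)
    # Assumption: settings are <add key=... value=.../> under <appSettings>.
    settings = {add.get("key"): (add.get("value") or "").strip()
                for add in root.findall("./appSettings/add")}
    problems = []
    for name, is_ok in CHECKS.items():
        value = settings.get(PREFIX + name)
        if value is None:
            problems.append(PREFIX + name + ": missing")
        elif not is_ok(value):
            # Never echo the value: it may be the client secret.
            problems.append(PREFIX + name + ": invalid or empty")
    return problems

# Constructed sample: settings filled in (placeholder ID and secret).
CONFIGURED = """<configuration><appSettings>
  <add key="Auth.AzureActiveDirectoryV2.Enabled" value="true" />
  <add key="Auth.AzureActiveDirectoryV2.ClientId" value="00000000-0000-0000-0000-000000000000" />
  <add key="Auth.AzureActiveDirectoryV2.ClientSecret" value="PLACEHOLDER-SECRET" />
</appSettings></configuration>"""

# Constructed sample: provider left disabled, ID blank, secret key absent.
UNCONFIGURED = """<configuration><appSettings>
  <add key="Auth.AzureActiveDirectoryV2.Enabled" value="false" />
  <add key="Auth.AzureActiveDirectoryV2.ClientId" value="" />
</appSettings></configuration>"""

if __name__ == "__main__":
    for label, doc in (("configured", CONFIGURED), ("unconfigured", UNCONFIGURED)):
        print(label, check_aad_settings(doc) or "OK")
```

To check a real file, pass its contents read in binary mode, for example check_aad_settings(open(path, "rb").read()).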
AzureActiveDirectoryV2AuthenticatorConfiguration to set the authority tenant ID to your AAD Tenant ID: