Authenticating to NuGet Hosted Repo with Tokens

Sonatype Nexus Repository
1

We are using Nuget Hosted, Proxy, and Group Repositories.

Currently, we can download packages from this repository by saving our encrypted username and password to our developer workstations, using the “dotnet nuget update source” command.

My Nexus administrator just upgraded to Pro and wants us to start using Tokens for authentication on our Nuget requests, instead of our user/password. I have experimented with trying to store the token instead of the password, and a few other combinations, but nothing seems to work.

After searching the internet exhaustively, it appears that there is no official support for this kind of authentication, either from Sonatype or from Nuget/Microsoft.

I am wondering if anyone else has been able to successfully integrate with a Nexus Nuget repo using a token instead of a credential. If so, how?

Thanks!
Brolo

2 Likes
2

Hi Scott,
Sorry about your experience. Enabling Nexus Repository users to use NuGet API Token is documentated in Deploying Packages to NuGet Hosted Repositories (we should make it easier to find!)and it requires two steps:

  1. Activate NuGet API-Key Realm

    nuget-user-token-step-2
    nuget-user-token-step-22534×990 177 KB

  2. Each user has to access their own NuGet API Key on their User page

    nuget-user-token-step-3
    nuget-user-token-step-32534×1110 182 KB

3

NuGet tokens are only used for publishing packages, so they aren’t going to do what you want here. If you have Nexus Repo Pro you can use user tokens:

https://help.sonatype.com/display/NXRM3/Security+Setup+with+User+Tokens

1 Like