Issue ID:
PG-1933 [view on issue tracker]
Type
Feature
Title:
Add option to ignore invalid API Keys on NuGet.org
Created:
4/4/2021 3:11:50 AM by Steve Dennis
Status:
Closed on
Last pulled:
4/30/2021 12:18:06 PM
Description:

Update documentation as appropriate.

Add bool AllowInvalidApiKeys to NuGet config, and edit NuGetFeedHandler::ProcessNuGetApiKey to return true if this setting is enabled, and no API key is found.

On Manage Feed Page, add "Invalid API Keys" row below "Supported API" that shows one of two options depending on the value of AllowInvalidApiKeys
✔ Reject Requests with invalid API keys
⚠ Ignore invalid API keys if already authenticated

On the [change] modal page, give an Infobox and the drop down with the two options.

Text: Some NuGet clients, such as the PowerShellGet client, requires an API key to be used even if the request is already authenticated with a name/password or Integrated Windows Authentication. This setting allows you to enter anything you'd like for the API key, and ProGet will simply ignore an invalid key.

Close