Skip to content

Support AAD authentication for Azure DevOps feed. #339

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
henriblMSFT opened this issue Feb 14, 2021 · 5 comments
Closed

Support AAD authentication for Azure DevOps feed. #339

henriblMSFT opened this issue Feb 14, 2021 · 5 comments
Labels
feature_request Resolution-Duplicate This issue or pull request already exists

Comments

@henriblMSFT
Copy link

PowerShellGet V2 only supports PAT token authentication, while this is a good start the experience contrast heavily with almost all other tools using azure devops. git doesn't require the use of PAT, neither does nuget restore.
@SydneyhSmith
Copy link
Collaborator

Thanks @henriblMSFT this is definitely an issue we want to look closer at and resolve as a top priority post-GA of 3.0, we have started the discussion in issue #330 so I will link the issues and mark this as duplicate. Thanks!

@SydneyhSmith SydneyhSmith added the Resolution-Duplicate This issue or pull request already exists label Feb 18, 2021
@LukasAltinell
Copy link

I just want to add to this topic that feature is a must have for being able to move over our organization to use Azure DevOps artifacts/feed. We are writing tools for different departments, and it's hard enough for them to get to the point where they use our repositories.

@StevenBucher98
Copy link
Collaborator

@LukasAltinell @henriblMSFT What do you envision the current flow to be? Automatic based on the current user or interactive?

Right now, we are working on integrating Secrete Management with PowerShellGet to help integrate credentials quicker and easier. Are you looking to have a more typical AAD scenario?

cc: @PaulHigin

@LukasAltinell
Copy link

@StevenBucher98 Currently we use a couple of SMB-shares for our Powershell Repositories and manage access through ACL's on those shares. It's enough trouble to guide our fellow first-line, client and infrastructure (primarily) people to register the repositories and to start consuming our modules and scripts (tools built for them), as well as keeping them updated locally. They are currently on a quite low level and every extra step is quite the hassle for them. For them to also logon to Azure Devops (which also requires a license) and request a PAT (with the correct permissions) before they can continue to register/install/update modules and scripts would simply not work (not to mention update the PAT when it expires).

My hope is that we can interactively pop up a dialog for them to enter their AAD-credentials (with conditional access policies) and get access that way. If that means that we under-the-hood request a PAT and keeping that up to date, that would be fine.

In this case we'll be trying to utilize the "Members of your Azure Active Directory" (Any members of your AAD can view the packages in this feed), and the use case above is primarily based on that flow (ie. consume, not produce).

@ghost
Copy link

ghost commented Dec 15, 2021

This issue has been marked as duplicate and has not had any activity for 1 day. It will be closed for housekeeping purposes.

@ghost ghost closed this as completed Dec 15, 2021
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature_request Resolution-Duplicate This issue or pull request already exists
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@StevenBucher98 @SydneyhSmith @henriblMSFT @LukasAltinell