Where is my Azure ADO token stored locally?

Question

Looking in my machine nuget config I can see my ADO feed is registered, but there's no ADO token in it:

(C:\Users\user\AppData\Roaming\NuGet\NuGet.config)

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
    <add key="Microsoft Visual Studio Offline Packages" value="C:\Program Files (x86)\Microsoft SDKs\NuGetPackages\" />
    <add key="dev.myfeed.com" value="https://pkgs.dev.azure.com/myfeed/_packaging/myfeed/nuget/v3/index.json" />
  </packageSources>
  <packageRestore>
    <add key="enabled" value="True" />
    <add key="automatic" value="True" />
  </packageRestore>
  <bindingRedirects>
    <add key="skip" value="False" />
  </bindingRedirects>
  <packageManagement>
    <add key="format" value="0" />
    <add key="disabled" value="False" />
  </packageManagement>
</configuration>

Running a dotnet restore on my project successfully downloads a package which only exists in this feed, and I can't understand how it succeeds? The feed requires a token to authenticate against, and there's no token in my machine NuGet.config file. Has it retrieved the token from somewhere else?

Answer 1

Has it retrieved the token from somewhere else?

The credentials are stored in Azure Artifacts Credential Provider. The Azure Artifacts Credential Provider automates the acquisition of credentials needed to restore NuGet packages as part of your .NET development workflow. We need to install the latest .NET Core SDK and credential provider first when we use dotnet with Azure Artifacts feeds.

Here is my sample when I run dotnet restore and verify with credential provider. I need to open a browser and sign in my account: