Failed to restore project when there is external nuget source configured

Question

I have few configured in nuget.config nuget sources on my machine.

One of them (externalSource) look at external protected source (all the below generated by VS):

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <packageSources>
        <add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
        <add key="externalSource" value="https://.external_source./nuget/v3/index.json" />
        <add key="Microsoft Visual Studio Offline Packages" value="C:\Program Files (x86)\Microsoft SDKs\NuGetPackages\" />
   </packageSources>
</configuration>

I can retrieve json configuration from all the sources on my machine in the browser where I can enter proper credentials (ie work with this without any issues). Also, I can easily work with this nuget source in Nuget Manager UI in VS.

The machine where I'm working on also has access to a different nuget source, but this source is not configured anywhere (in VS or any nuget.config).

Now, I create a simple console application:

PS C:\..> dotnet new console --no-restore
The template "Console App" was created successfully
 

note: I intentionally skipped restore to limit the question area only to restore logic, without this option, the new console command will fail, even though the project itself will be created.

Now I want to restore created application:

PS C:\..> dotnet restore
  Determining projects to restore...
C:\Program Files\dotnet\sdk\8.0.100\NuGet.targets(156,5): error : Unable to load the service index for source "https://.external_source./nuget/v3/index.json". [C:\..\test.csproj]
C:\Program Files\dotnet\sdk\8.0.100\NuGet.targets(156,5): error :   Response status code does not indicate success: 401 (Unauthorized). [C:\..\test.csproj]

When I enable, detailed logging verbosity, I see that failing happens in this step:

 1>Target "Restore" in file "C:\Program Files\dotnet\sdk\8.0.100\NuGet.targets" from project "C:\..\test.csproj" (entry point):
   Task "RemoveDuplicates"
   Done executing task "RemoveDuplicates".
   Using "RestoreTask" task from assembly "C:\Program Files\dotnet\sdk\8.0.100\NuGet.Build.Tasks.dll".
   Task "RestoreTask"
     (in) RestoreGraphItems Count '4'
     (in) RestoreDisableParallel 'False'
     (in) RestoreNoCache 'False'
     (in) RestoreIgnoreFailedSources 'False'
     (in) RestoreRecursive 'True'
     (in) RestoreForce 'False'
     (in) HideWarningsAndErrors 'False'
     (in) RestoreForceEvaluate 'False'
     (in) RestorePackagesConfig 'False'
..

   CACHE https://api.nuget.org/v3/vulnerabilities/vulnerability.update.json
     1>C:\Program Files\dotnet\sdk\8.0.100\NuGet.targets(156,5): error : Unable to load the service index for source https://.external_source./nuget/v3/index.json. [C:\..\test.csproj]
       C:\Program Files\dotnet\sdk\8.0.100\NuGet.targets(156,5): error :   Response status code does not indicate success: 401 (Unauthorized). [C:\..\test.csproj]
         Assembly loaded during TaskRun (NuGet.Build.Tasks.RestoreTask): System.Diagnostics.StackTrace, Version=8.0.0.0, Culture=neutral, PublicKeyToken=.. (location: C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.0\System.Diagnostics.StackTrace.dll, MVID: .., AppDomain: [Default])
         NuGet.Protocol.Core.Types.FatalProtocolException: Unable to load the service index for source https://.external_source./nuget/v3/index.json.
          ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).
..

How can I fix it?

Configuration like:

• in nuget.config:

  <packageSourceCredentials>    
     <externalSource>      
        <add key="Username" value="name" />      
        <add key="ClearTextPassword" value=".." />    
     </externalSource>  
  </packageSourceCredentials>
  

• or options for the dotnet restore command: --interactive or --ignore-failed-sources don't help. I can fix it with option --source=nuget.org, but I have to have externalSource configured since in some other cases restoring should happen from this source

UPDATE: The error is gone if I retrieve nugets via: nuget search -take 10 -Source externalSource (when I run it, I see no prompts or popup windows) just after the error, but only for approximately 30 mins, then it starts failing with 401 error again

UPDATE2 Machine where the issue is reproducible is Windows 11 Enterprise, not sure whether it's important, but I didn't see any issues on Windows 10

UPDATE3 It looks like another approach to solve the issue is to call msbuild -t:Restore. Does this sounds like dotnet binary issue after all?

Answer 1

The correct answer is indeed downloading and setting up the artifacts credential provider

When setting up a feed on Azure DevOps artifacts, you are provided instructions to connect to the feed from multiple sources. If we choose the instructions for dotnet CLI, we are shown the following:

---