Ask A Question

View Question

When I push to a feed from the command line using -ApiKey Admin:Admin I am prompted for credentials, even though no API key is set for the feed. I also removed the API Key from the advanced settings page in the web user interface. Anonymous Authentication is enabled in IIS (I have tried Forms Authentication as well).

When I enter the admin credentials, the package is successfully pushed.

Below is the command I am using:

nuget.exe push MyPackage.1.0.0.nupkg -ApiKey Admin:Admin -Source
Pushing MyPackage 1.0.0 to 'http://localhost:7070/nuget/Developer'...
Please provide credentials for: http://localhost:7070/nuget/Developer
UserName: Admin
Password: *****
Your package was pushed.

I need to be able to push without being prompted for credentials, since this will be executed using the Team City NuGet Publish build runner.

I am using the following:
ProGet 3.1.2 (Free)
NuGet 2.8.2
IIS 7.0
Windows Server 2008 R2
SQL Server Express 2005


Product: ProGet
Version: 3.1.2

I just wanted to add that I'm experiencing the same behavior using the integrated web server as well. I am unable to push in non-interactive mode. Any ideas?


We haven't been able to reproduce this behavior. I just tried pushing a package to a local ProGet usin NuGet 2.8.2 and -ApiKey Admin:Admin and didn't get any prompts for credentials. Could you send a Fiddler trace of this to us at support at

I had to grant the Anonymous user the Feeds_ViewFeeds task for this to work for me.

Hi guys,

I've had the same issue. The problem is that NuGet does a GET request before the PUT request. So, the GET request isn't authenticated.

To resolve you have to run this command in order to set User and Password in for a specific Source:

NuGet.exe Sources Update -Name <feedName> -Source <pathToPackageSource> -UserName xxx -Password <secret>

More information about this command here: link text

Have a nice day


I am having the same problem.

No problems at the command line - only through the TeamCity runner.

Adding the source with credentials to the TeamCity server that the teamcity user runs under did not help.

Are the folks at Inedo trying to repro this with the TeamCity runner - or only the command line?

We are on TeamCity Professional 9.1.4 which has nuget.exe 2.8.60717.93 in it's built-in "NuGet Publish" runner.

Forgot to mention I have also applied all the other remedies in this thread and they are still applied.

The NuGet Publish runner only provides for an API Key - no user name and password.

When I use "user:password" in that prompt - still get the NuGet Runner saying it's being prompted for credentials.

ProGet version is 3.8.6 (Build 2)

I believe the TeamCity runner just wraps NuGet.exe; unfortunately v2.8 is a bit buggy, and has problems with authentication. So you may need to use v2.6 or 3.3, depending on which sets of bugs you want to live with.

Actually I think I narrowed it down.

  1. ProGet wants both a user id and an apikey when anonymous does not have any permissions (mentioned previously in this thread).
  2. ProGet does not accept the API key on the command line. I tested this by using nuget directly on the same server as the Teamcity build agent. ProGet responds with a credential prompt.
  3. The TeamCity Nuget support only allows an API key, not user and pass for feed pushing.

So for a ProGet server where anonymous has no permissions I have to:
*) Register the source with credentials
*) Register the api key for the source as username:pass

Since I don't want to have dependencies on setup steps for build agents I made a powershell script that always checks to make sure these steps are done before pushing.

Some good news for anyone else dealing with this.

I should also mention I did test this with Nuget 3.3 and had the same problems and this solution works with 2.8

Now that I configured BOTH a persistent nuget source with stored creds and a nuget api key "user:pass" on the build agent using nuget.exe, I can:

*) Successfully use the STANDARD Nuget TeamCity Plugin

*) On ProGet "anonymous" does not need to have any permissions

*) In the TeamCity Nuget Publish step you do NOT need to specify the APIKey

*) The password and api key are both encrypted in nuget.confg - so possibly even more secure than storing them in teamcity.

The downside is, of course, some build agent config steps (run them once per target ProGet feed) outside of TeamCity.

Run these commands on build agents as the same user id that TeamCity runs under:

nuget source add -name "proget" -source http://192.0.0.X/nuget/feedname -username "Userid" -password "password"

nuget setapikey "userid:password" -source http://192.0.0.X/nuget/feedname

Now any "Nuget Publish" commands on that build agent to that feed will work.


I should also note that if you are running TeamCity under a SYSTEM account, it is very difficult to tweak the nuget.config under one of those profiles. So you would need to create the sources in a machine-wide nuget.config in %programdata%\Nuget\Config folder as described here:

I did not test my config with machine wide configuration yet.

I encountered this same problem yesterday. The cause turned out to be that I was trying to push a package with a version that already existed on the Proget server, and the user did not have overwrite permissions. I did not catch this at first because the TeamCity plugin only logs the following:

PUT <feedname>
Forbidden <feedname>
Please provide credentials for: <feedname>
Cannot prompt for input in non-interactive mode.

... whereas I'm used to seeing something like the following when the same thing happens when pushing from the command line:

Failed to process request. 'There was an error processing the request: The package <packagename> already exists and the user Anonymous does not have the Feeds_OverwritePackage privilege.'. 
The remote server returned an error: (403) Forbidden..

With other package managers (not Proget) I'm used to seeing something like the following when a package already exists:

Pushing <packagename> to '<feedname>'...
Failed to process request. 'Conflict'. 
The remote server returned an error: (409) Conflict..

So just a heads-up for people using the TeamCity plugin. The logged output may not be telling the full story.

Yet one more solution (after 6+ months).

After trying all the possible solutions mentioned above - if you are still seeing the error: Response status code does not indicate success: 405 (Method Not Allowed). then most likely you need to disable your WebDav IIS plugin.

You may either remove the IIS feature from the machine or if you need to keep the feature you may disable it only for this website. You may do this by editing the Web.config file (by default located here: C:\Program Files\ProGet\WebApp)

and add two entries as shown below:
<remove name="WebDAVModule" />
<remove name="WebDAV" />

Note: the Modules and Handlers section should already exist, you only need to add the line <remove name="xxx"> for each section.

I think Proget Dev team should integrate this in the Web.config by default to prevent future issues..


Answer Question