diff --git a/_contentTemplates/common/nuget.md b/_contentTemplates/common/nuget.md
index ed7bbe08d..3e529b915 100644
--- a/_contentTemplates/common/nuget.md
+++ b/_contentTemplates/common/nuget.md
@@ -17,19 +17,16 @@ Visit status.telerik.com --password --store-password-in-clear-text
+dotnet nuget add source https://nuget.telerik.com/v3/index.json --name TelerikNuGetFeed --username api-key --password --store-password-in-clear-text
```
->caution Storing passwords in plain text is strongly discouraged. This guide uses the `--store-password-in-clear-text` only for simplicity. For real-world scenarios, use secure methods, such as encrypted passwords or API keys. See Microsoft's security best practices for more information on how to securely store your NuGet source credentials.
+>See Microsoft's security best practices for more information on how to securely store your NuGet source credentials.
## Step 4: Install the Telerik UI for .NET MAUI Controls
diff --git a/get-started/first-steps-vs.md b/get-started/first-steps-vs.md
index 605761e6d..f93a0d475 100644
--- a/get-started/first-steps-vs.md
+++ b/get-started/first-steps-vs.md
@@ -51,7 +51,9 @@ If you encounter any issues creating the basic project, see the complete guide i
Telerik maintains a NuGet feed with official UI for .NET MAUI releases and service packs. These packages are available for registered users with an active trial or commercial license. Adding the Telerik NuGet server as a source in Visual Studio lets you download and install Telerik packages containing controls and utilities.
-To add the Telerik NuGet source to Visual Studio:
+@[template](/_contentTemplates/common/nuget.md#generate-nuget-key)
+
+Next, add the Telerik NuGet source to Visual Studio:
1. In Visual Studio go to **Tools** > **NuGet Package Manager** > **Package Manager Settings**.
@@ -61,7 +63,7 @@ To add the Telerik NuGet source to Visual Studio:
1. Add the `https://nuget.telerik.com/v3/index.json` URL as a **Source**. Click **OK**.
-1. Whenever Visual Studio displays a dialog to enter credentials for `nuget.telerik.com`, use your Telerik account email and password.
+1. Whenever Visual Studio displays a dialog to enter credentials for `nuget.telerik.com`, use `api-key` as the username and your NuGet API key as the password.
@@ -71,8 +73,7 @@ To add the Telerik NuGet source to Visual Studio:
2. Install the Telerik UI for .NET MAUI package:
- 1. Select the `telerik.com` **Package source** that you [added earlier](#step-2-add-the-telerik-nuget-server). As this is a private NuGet feed, you must authenticate
- with your [Telerik account](https://www.telerik.com/account/) user name and password.
+ 1. Select the `telerik.com` **Package source** that you [added earlier](#step-2-add-the-telerik-nuget-server). As this is a private NuGet feed, you must authenticate using `api-key` as the username and [your NuGet API key](#step-3-add-the-telerik-nuget-server) as the password.
1. Select the **Browse** tab, enter `MAUI` in the search box, and then select the `Telerik.UI.for.Maui` package.
diff --git a/installation/images/account-generate-nuget-api-key.png b/installation/images/account-generate-nuget-api-key.png
new file mode 100644
index 000000000..902c1ab78
Binary files /dev/null and b/installation/images/account-generate-nuget-api-key.png differ
diff --git a/installation/images/manage-nuget-keys.png b/installation/images/manage-nuget-keys.png
deleted file mode 100644
index f29342dab..000000000
Binary files a/installation/images/manage-nuget-keys.png and /dev/null differ
diff --git a/installation/images/vs-nuget-auth-window.png b/installation/images/vs-nuget-auth-window.png
new file mode 100644
index 000000000..a7aa1edd7
Binary files /dev/null and b/installation/images/vs-nuget-auth-window.png differ
diff --git a/installation/nuget/nuget-config.md b/installation/nuget/nuget-config.md
index 30ee848fd..7f0fc9dca 100644
--- a/installation/nuget/nuget-config.md
+++ b/installation/nuget/nuget-config.md
@@ -18,9 +18,6 @@ To configure the Telerik NuGet server as a package source directly in the `nuget
## Generate a NuGet Key
-Generate a NuGet API key that you will use for the authentication by the Telerik NuGet server. This approach is more secure than using your Telerik credentials in plain text.
-
@[template](/_contentTemplates/common/nuget.md#generate-nuget-key)
## Edit the NuGet.Config File
@@ -52,15 +49,9 @@ Generate a NuGet API key that you will use for the authentication by the Telerik
```
-## Securing Your Credentials
-
-This article does not cover the scenario of using your Telerik account credentials as plain text in the `NuGet.Config` file due to security concerns. However, you can still use the plain text approach if you must.
+## Securing Your NuGet Key
->warning
->* Never hard-code Telerik account credentials or NuGet API keys in a `NuGet.Config` file in a GitHub repository, Docker image, or any location that may be accessed by unauthorized parties. A NuGet key is valuable and bad actors can use it to access the NuGet packages that are licensed under your account. A credentials abuse can lead to a review of the affected Telerik account.
->* If you use single sign-on (SSO) to login into your Telerik account, always use a [NuGet API key]({%slug nuget-keys%}) instead of plain text credentials in the `NuGet.Config` file.
+Never hard-code NuGet API keys in a `NuGet.Config` file in a GitHub repository, Docker image, or any location that may be accessed by unauthorized parties. A NuGet key is valuable and bad actors can use it to access the NuGet packages that are licensed under your account. A credentials abuse can lead to a review of the affected Telerik account.
For more details about the `NuGet.Config` file, see the following Microsoft resources:
* Configuring the NuGet package sources
diff --git a/installation/nuget/nuget-keys.md b/installation/nuget/nuget-keys.md
index 3ad16d219..a6254a935 100644
--- a/installation/nuget/nuget-keys.md
+++ b/installation/nuget/nuget-keys.md
@@ -10,14 +10,7 @@ position: 8
This article describes how to use token-based authentication for the Telerik NuGet feed. You will learn how to create and use NuGet API keys to restore Telerik NuGet packages in your Continuous Integration (CI) workflow.
-The Telerik NuGet server allows you to authenticate by using two methods:
-
-* Basic authentication by providing your Telerik user name and password.
-* Token-based authentication by providing a NuGet key (recommended).
-
-When you need to restore Telerik NuGet packages as part of your CI, using NuGet keys is the more secure way to authenticate. This method does not require you to provide your Telerik username and password anywhere in the CI workflow.
-
-Unlike your Telerik credentials, a NuGet Key has a limited scope and can be used only with the Telerik NuGet server. If any of your NuGet keys is compromised, you can quickly delete it and create a new one.
+When you need to restore Telerik NuGet packages as part of your CI, using NuGet keys provides a secure way to authenticate. This method does not require you to provide your Telerik username and password anywhere in the CI workflow. Unlike your Telerik credentials, a NuGet Key has a limited scope and can be used only with the Telerik NuGet server. If any of your NuGet keys is compromised, you can quickly delete it and create a new one.
## Generating NuGet Keys
@@ -25,7 +18,7 @@ Unlike your Telerik credentials, a NuGet Key has a limited scope and can be used
## Storing a NuGet Key
-> Never check in a NuGet Key with your source code or leave it publicly visible in plain text, for example, as a raw key value in a `nuget.config` file. A NuGet Key is valuable as bad actors can use it to access the NuGet packages that are licensed under your account. A potential key abuse can lead to a review of the affected account.
+> Never check in a NuGet Key with your source code or leave it publicly visible in plain text, for example, as a raw key value in a `NuGet.Config` file. A NuGet Key is valuable, as bad actors can use it to access the NuGet packages that are licensed under your account. A potential key abuse can lead to a review of the affected account.
To protect the NuGet Key, store it as a secret environment variable. The exact steps depend on your workflow:
@@ -43,7 +36,7 @@ For more details on storing and protecting your NuGet Key, check the [Announcing
There are two popular ways to use the Telerik NuGet server in a build:
-* [Using a nuget.config file with your projects](#using-a-nugetconfig-file-with-your-projects)
+* [Using a NuGet.Config file with your projects](#using-a-nugetconfig-file-with-your-projects)
* [Using only CLI commands](#using-only-cli-commands)
@@ -51,7 +44,7 @@ For more information on how to use NuGet keys in a build, check the [Announcing
### Using a NuGet.Config File with Your Projects
-**1.** In your `nuget.config` file, set the `Username` value to `api-key` and the `ClearTextPassword` value to an environment variable name:
+**1.** In your `NuGet.Config` file, set the `Username` value to `api-key` and the `ClearTextPassword` value to an environment variable name:
```xml
@@ -75,7 +68,7 @@ The exact steps to set the `MY_API_KEY` environment variable depend on your work
### Using .NET CLI Commands
-You can use the CLI `add source` (or `update source`) command to set the credentials of a package source. This CLI approach is applicable if your CI system doesn't support default environment variable secrets or if you do not use a custom `nuget.config`.
+You can use the CLI `add source` (or `update source`) command to set the credentials of a package source. This CLI approach is applicable if your CI system doesn't support default environment variable secrets or if you do not use a custom `NuGet.Config`.
* To set the credentials in Azure DevOps:
diff --git a/installation/nuget/using-dotnet-cli.md b/installation/nuget/using-dotnet-cli.md
index 3901e9830..61ac021bc 100644
--- a/installation/nuget/using-dotnet-cli.md
+++ b/installation/nuget/using-dotnet-cli.md
@@ -12,24 +12,14 @@ If you do not use a [Visual Studio's NuGet Package manager]({% slug nuget-server
Use the `add source` or `update source` command respectively to add the new source and set the credentials required for the authentication by the Telerik NuGet server.
-The command below shows one way to add the Telerik NuGet source using .NET CLI. Replace the placeholders with your Telerik account username and password.
+1. [Generate a NuGet API Key]({% slug nuget-config %}#generate-a-nuget-key).
+1. Add or update the Telerik NuGet source by using .NET CLI and the generated API key:
```bash
-dotnet nuget add source https://nuget.telerik.com/v3/index.json --name TelerikNuGetFeed --username --password --store-password-in-clear-text
+dotnet nuget add source https://nuget.telerik.com/v3/index.json --name TelerikNuGetFeed --username api-key --password --store-password-in-clear-text
```
->caution Storing passwords in plain text is strongly discouraged. This article uses `--store-password-in-clear-text` only for simplicity. For real-world scenarios, use secure methods, such as encrypted passwords or [API keys]({% slug nuget-config %}#generate-a-nuget-key). See Microsoft's security best practices for more information on how to securely store your NuGet source credentials.
-
-## Using an API Key
-
-To avoid storing your Telerik account username and password in plain text on your system, use an API key instead:
-
-1. [Generate a NuGet API Key]({% slug nuget-config %}#generate-a-nuget-key).
-1. Add or update the Telerik NuGet source by using .NET CLI and the generated API key instead of a password:
-
- ```bash
- dotnet nuget add source https://nuget.telerik.com/v3/index.json --name TelerikNuGetFeed --username api-key --password --store-password-in-clear-text
- ```
+>See Microsoft's security best practices for more information on how to securely store your NuGet source credentials.
## See Also
diff --git a/installation/nuget/visual-studio.md b/installation/nuget/visual-studio.md
index f37376c5a..636735b07 100644
--- a/installation/nuget/visual-studio.md
+++ b/installation/nuget/visual-studio.md
@@ -16,7 +16,11 @@ Before adding the Telerik NuGet server to Visual Studio, make sure you have:
1. .NET MAUI installed on the machine. For more information on the required steps and system requirements, refer to the official Microsoft .NET MAUI documentation.
2. A commercial or trial license for Telerik .NET MAUI. Note that the Telerik NuGet server requires authentication and checks if you have a valid license.
-## Step 1: Add the Telerik NuGet Package Source to Visual Studio
+## Step 1: Generate an API Key
+
+@[template](/_contentTemplates/common/nuget.md#generate-nuget-key)
+
+## Step 2: Add the Telerik NuGet Package Source to Visual Studio
To configure the Telerik NuGet feed in Visual Studio:
@@ -30,7 +34,7 @@ To configure the Telerik NuGet feed in Visual Studio:
You have successfully added the Telerik NuGet feed as a Package source.
-## Step 2: Install the Telerik UI for .NET MAUI NuGet Package
+## Step 3: Install the Telerik UI for .NET MAUI NuGet Package
The next steps describe how to authenticate your local NuGet instance and display the available packages:
@@ -39,7 +43,10 @@ The next steps describe how to authenticate your local NuGet instance and displa
1. Select **Manage NuGet Packages for Solution...**.
1. Select the Telerik NuGet **Package source** from the drop-down list.
1. Click the **Browse** tab to see the available packages.
-1. Enter your Telerik credentials in the Windows Authentication dialog.
+1. In the authentication window, enter `api-key` in the **User name** field and the [generated API key](#step-1-generate-an-api-key) in the **Password** field.
+
+ 
+
1. In the Visual Studio Package Manager, you will see all packages that are licensed to your user account.
1. Search for the `Telerik.UI.for.Maui` package and select it.
1. Choose the projects which require the package.
@@ -47,7 +54,7 @@ The next steps describe how to authenticate your local NuGet instance and displa
-## Step 3: Register the Required Handlers
+## Step 4: Register the Required Handlers
To visualize the [.NET MAUI](https://www.telerik.com/maui-ui) controls, you have to register the required handlers by calling the `Telerik.Maui.Controls.Compatibility.UseTelerik` extension method inside the `Configure` method of the `MauiProgram.cs` file of your project.