I created a new Project-Scoped Artifact Feed to host our legacy .NET Framework packages with the following settings: (and then added the packages to the feed, being the owner I obviously had access to the feed)
yet no one in our Azure AD, other than myself, could access it. Switching it to "Members of Maxeta" didn't change anything, and I didn't even bother trying "Specific Users" as the whole point is to give everyone in our AD access to the feed.
Everyone gets the same 401 Unauthorized error trying to Browse the feed in VS, despite actually being asked for credentials and using the appropriate organizational login tied to our Azure AD.
Has anyone else had this issue? Why would "Members of your Azure Active Directory" not just work out of the box?
I ending up having to create a group in Azure (give everyone membership), then add that group as a member of the Project Readers group as well as add it to the Artifact Permissions, just to give them access to the feed.
Now anytime someone comes on board, our AD Admin needs to make sure they get added to the "Maxeta Legacy Nuget Feed" group.