From c1c72e66a4018b9b6a6abb9a0cfcfde66ff264ac Mon Sep 17 00:00:00 2001
From: embetten <53092095+embetten@users.noreply.github.com>
Date: Wed, 14 Aug 2024 09:51:45 -0700
Subject: [PATCH] Update readme with mi/sp configuration information (#507)

- Update description on how to use MI/SP environment variable
---
 README.md | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 5741b64d..df5db32f 100644
--- a/README.md
+++ b/README.md
@@ -144,9 +144,19 @@ The Credential Provider accepts a set of environment variables. Not all of them
 -   `NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED`: Controls whether or not the session token is saved to disk. If false, the Credential Provider will prompt for auth every time.
 -   `VSS_NUGET_EXTERNAL_FEED_ENDPOINTS`: Json that contains an array of service endpoints, usernames and access tokens to authenticate endpoints in nuget.config. Example:
 
-```javascript
- {"endpointCredentials": [{"endpoint":"http://example.index.json", "username":"optional", "password":"accesstoken"}]}
-```
+    ```javascript
+    {"endpointCredentials": [{"endpoint":"http://example.index.json", "username":"optional", "password":"accesstoken"}]}
+    ```
+
+-   `ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS`: Json that contains an array of endpoints, usernames and azure service principal information needed to authenticate to Azure Artifacts feed endponts. Example:
+    ```javascript
+    {"endpointCredentials": [{"endpoint":"http://example.index.json", "clientId":"required", "clientCertificateSubjectName":"optional", "clientCertificateFilePath":"optional"}]}
+    ```
+
+    - `endpoint`: Required. Feed url to authenticate.
+    - `clientId`: Required for both Azure Managed Identites and Service Principals. For user assigned managed identities enter the Entra client id. For system assigned managed identities set the value to `system`.
+    - `clientCertificateSubjectName`: Subject Name of the certificate located in the CurrentUser or LocalMachine certificate store. Optional field. Only used for service principal authentication.
+    - `clientCertificateFilePath`: File path location of the certificate on the machine. Optional field. Only used by service principal authentication. 
 
 ## Release version 1.0.0