Developing behind a proxy always has its challenges. I’ve already blogged about using git for windows behind a proxy. But the TFS server itself normally does not have to connect to the internet. This changes if you want to use the Package Management extension with NPM and upstream to public sources.

If you are using TFS 2017 with Update 2, the simplest way to configure your TFS server to use the corporate proxy is to configure a proxy server in “Internet Properties” in IE on the server that TFS is running on.  TFS will respect the settings because it follows the proxy resolution order described here.  The Package Management extension within TFS will also leverage those proxy settings and reach out through your corporate proxy when a user requests a package from the public npm registry (i.e. https://registry.npmjs.org).

If you are using a version of TFS that is earlier than 2017 Update 2, you will need to change the “usesystemdefault” from “False” to “True” in TFS’s web.config so that it respects the system’s proxy resolution order.

<defaultproxy>
    <proxy bypassonlocal="True" usesystemdefault="True" />
</defaultproxy>

You can set the system proxy with the netsh command:

netsh winhttp set proxy {proxy address:port} {bypass list}

Also, if developer’s systems must also egress traffic through a corporate proxy then you should place the following setting in each project’s .npmrc:

proxy=http://your-corporate-proxy-goes-here:8888
strict-ssl=false

This setting will allow the npm client to retrieve the package while Package Management simultaneously fetches the package from the public registry and caches it permanently in your feed.

Future releases of TFS will not need this setting and Microsoft is actively working on a feature to ingest npm packages from the public registry in-line when the client requests them.