diff --git a/aspnetcore/security/data-protection/compatibility/cookie-sharing.md b/aspnetcore/security/data-protection/compatibility/cookie-sharing.md
index 18f4d075d5..830cfc9715 100644
--- a/aspnetcore/security/data-protection/compatibility/cookie-sharing.md
+++ b/aspnetcore/security/data-protection/compatibility/cookie-sharing.md
@@ -42,6 +42,8 @@ app.UseCookieAuthentication(new CookieAuthenticationOptions
        DataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(@"c:\shared-auth-ticket-keys\"))
    });
    ```
+   
+The `DataProtectionProvider` requires the `Microsoft.AspNetCore.DataProtection.Extensions` NuGet package.
 
 When used in this manner, the DirectoryInfo should point to a key storage location specifically set aside for authentication cookies. The cookie authentication middleware will use the explicitly provided implementation of the DataProtectionProvider, which is now isolated from the data protection system used by other parts of the application. The application name is ignored (intentionally so, since you're trying to get multiple applications to share payloads).