Twine: Support Access Tokens as Authentication Mechanism

Created on 27 Jul 2019  路  8Comments  路  Source: pypa/twine

PyPI now supports scoped access tokens, we should grow support for this as appropriate: https://discuss.python.org/t/pypi-security-work-multifactor-auth-progress-help-needed/1042/31

enhancement security
Source
picture sigmavirus24

Most helpful comment

This is also documented here: https://pypi.org/help/#apitoken

picture di on 14 Jan 2020
👍2

All 8 comments

@sigmavirus24 This should "just work" without any changes to twine by using __token__ as the username and the token as the password. What additional support do you think twine needs here?

di picture di on 27 Jul 2019
👍1

Ah, I hadn't gotten around to reading the link. I see that it should continue working. I was thinking we might need to add support for retrieving the token on behalf of users.

sigmavirus24 picture sigmavirus24 on 28 Jul 2019

by using @token as the username and the token as the password

Is this documented somewhere? The only thing I could find is this issue :D

almarklein picture almarklein on 14 Jan 2020
👍2

On https://pypi.org/manage/account/token/ it says the username is supposed to be __token__ btw.

almarklein picture almarklein on 14 Jan 2020
👍1

@almarklein Yep, we changed it not long after the launch -- I'll edit that comment.

di picture di on 14 Jan 2020

This is also documented here: https://pypi.org/help/#apitoken

di picture di on 14 Jan 2020
👍2

It doesn't seem to work though.

soerendip picture soerendip on 12 Feb 2020

@soerendip Please file a new issue w/ all details and we'll try to help.

di picture di on 12 Feb 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

bhrutledge picture bhrutledge  路  4Comments
gaborbernat picture gaborbernat  路  6Comments
jonathanunderwood picture jonathanunderwood  路  5Comments
iMoses picture iMoses  路  6Comments
cs01 picture cs01  路  5Comments