Authentication#
Basic HTTP authentication#
pip supports basic HTTP-based authentication credentials. This is done by providing the username (and optionally password) in the URL:
https://username:password@pypi.company.com/simple
For indexes that only require single-part authentication tokens, provide the token as the “username” and do not provide a password:
https://0123456789abcdef@pypi.company.com/simple
Percent-encoding special characters#
New in version 10.0.
Certain special characters are not valid in the credential part of a URL.
If the user or password part of your login credentials contain any of these
special characters, then they must be percent-encoded. As an
example, for a user with username user and password he//o accessing a
repository at pypi.company.com/simple, the URL with credentials would look
like:
https://user:he%2F%2Fo@pypi.company.com/simple
netrc support#
pip supports loading credentials from a user’s .netrc file. If no credentials
are part of the URL, pip will attempt to get authentication credentials for the
URL’s hostname from the user’s .netrc file. This behaviour comes from the
underlying use of requests, which in turn delegates it to the
Python standard library’s netrc module.
Note
As mentioned in the standard library documentation for netrc,
only ASCII characters are allowed in .netrc files. Whitespace and
non-printable characters are not allowed in passwords.
Below is an example .netrc, for the host example.com, with a user named
daniel, using the password qwerty:
machine example.com
login daniel
password qwerty
More information about the .netrc file format can be found in the GNU ftp
man pages.
Keyring Support#
pip supports loading credentials stored in your keyring using the keyring library.
$ pip install keyring # install keyring from PyPI
$ echo "your-password" | keyring set pypi.company.com your-username
$ pip install your-package --index-url https://pypi.company.com/
Note that keyring (the Python package) needs to be installed separately from
pip. This can create a bootstrapping issue if you need the credentials stored in
the keyring to download and install keyring.
It is, thus, expected that users that wish to use pip’s keyring support have some mechanism for downloading and installing keyring in their Python environment.