anaconda-auth reference

anaconda-auth

The anaconda-auth package handles authentication across the Anaconda ecosystem. If you’re using Anaconda CLIs or APIs, you’ll use this package to log in, manage API keys, and configure secure access to Anaconda’s curated repositories.

This tool supports both command-line and Python interfaces, and stores credentials using system keyring or a dedicated file-based store.

Installing `anaconda-auth`

Open Anaconda Prompt (Terminal on macOS/Linux).
Install anaconda-auth by running the following command:
```
conda install --name base anaconda-auth --yes
```

If you already have anaconda-auth installed, it’s best practice to update to the latest version from time to time:

conda update --name base anaconda-auth

CLI usage

You’ll interact with the CLI using anaconda auth and anaconda token commands:

anaconda auth commands

anaconda auth [OPTIONS] <COMMAND> [ARGS]...

Global Options

Option	Description
`--version`, `-V`	Show version and exit
`--help`	Show help message

Available Commands

Command	Description	Arguments
`login`	Open browser to authenticate with Anaconda	[`anaconda.com`, `anaconda.org`] [default: None]
`logout`	Remove stored API key
`whoami`	Show the authenticated user
`api-key`	Print your current API key

Examples

# Log in to Anaconda.com at the command line
anaconda auth login --at anaconda.com

# Display information about you as a user
anaconda auth whoami

# Display your current API key
anaconda auth api-key

anaconda-auth also allows for authentication to Anaconda.org. If you do not include --at anaconda.com, you will be prompted to select a domain.

anaconda token commands

anaconda token [OPTIONS] <COMMAND> [ARGS]...

Global Options

Option	Description
`--help`	Show help message

Command	Description	Arguments
`install`	Issue and set a new token
`list`	Show all installed tokens
`config`	Configure conda to use a token for private access	`--force` `--no-force` Default: `no-force`
`uninstall`	Remove a token for a specific organization	`--org <ORG_ID>`

Your <ORG_ID> is part of your organization’s URL: https://anaconda.com/app/organizations/<ORG_ID>.

When you log in with anaconda-auth, a token is stored in the specified storage location. This token is deleted when you log out. The auth token is valid for one year.

For more information on token storage, see Token Storage.

Examples

# Issue and set yourself an organization access token
anaconda token install

# Remove an access token for an organization
anaconda token uninstall --org data-science-snakes

Configuration

You can configure anaconda-auth by either:

Setting parameters in the plugin.auth section of the ~/.anaconda/config.toml file.
Setting one or more ANACONDA_AUTH_ environment variables or using a .env file in your working directory.

Setting variables in an .env file in your working directory takes precedence over the ~/.anaconda/config.toml file.

Configuration Parameters

Config Key	Env Var	Description	Default
`domain`	`ANACONDA_AUTH_DOMAIN`	Anaconda API domain	`"anaconda.com"`
`ssl_verify`	`ANACONDA_AUTH_SSL_VERIFY`	Verify SSL certificates	`true`
`preferred_token_storage`	`ANACONDA_AUTH_PREFERRED_TOKEN_STORAGE`	Token store: `system` or `anaconda-keyring`	`"anaconda-keyring"`
`api_key`	`ANACONDA_AUTH_API_KEY`	Explicit API key if `None`, defaults to keyring storage	`None`
`extra_headers`	`ANACONDA_AUTH_EXTRA_HEADERS`	Extra HTTP headers in JSON	`None`

Example Config

Non-interactive usage

If you want to utilize Anaconda services on a system where you do not have interactive access to a browser to use the login command, you have two options:

On a system with browser access, ensure preferred_token_storage is set to "anaconda-keyring".
Run:
```
anaconda auth login --at anaconda.com
```
This creates the ~/.anaconda/keyring file.
Copy the ~/.anaconda/keyring file to the non-interactive system:
```
scp ~/.anaconda/keyring user@<TARGET_SYSTEM>:~/.anaconda/keyring
```

On a system with browser access, ensure preferred_token_storage is set to "anaconda-keyring".
Run:
```
anaconda auth login --at anaconda.com
```
This creates the ~/.anaconda/keyring file.
Copy the ~/.anaconda/keyring file to the non-interactive system:
```
scp ~/.anaconda/keyring user@<TARGET_SYSTEM>:~/.anaconda/keyring
```

On a system with browser access, retrieve your API key:
```
anaconda auth api-key
```
On the non-interactive system, set the API key using one of the following methods:

Set the ANACONDA_AUTH_API_KEY environment variable:

export ANACONDA_AUTH_API_KEY="<YOUR_API_KEY>"

Set the ANACONDA_AUTH_API_KEY environment variable:

export ANACONDA_AUTH_API_KEY="<YOUR_API_KEY>"

Add the API key to your ~/.anaconda/config.toml file:

Example ~/.anaconda/config.toml file

[plugin.auth]
api_key = "<YOUR_API_KEY>"

Python Usage

You can use anaconda-auth in scripts and applications to authenticate programmatically.

from anaconda_auth import login, logout

login()  # Initiates browser-based login

If a valid token is already present, login() does nothing. To override this behavior:

login(force=True)

To remove the API key from your keyring storage, use the logout() function.

from anaconda_auth import logout

logout()

For more information about using anaconda-auth to make API requests, see the official anaconda-auth docs on GitHub.

Package Security Manager (Cloud)

​anaconda-auth

​Installing anaconda-auth

​CLI usage

​anaconda auth commands

​anaconda token commands

​Configuration

​Configuration Parameters

​Non-interactive usage

​Python Usage

anaconda-auth

Installing `anaconda-auth`

CLI usage

anaconda auth commands

anaconda token commands

Configuration

Configuration Parameters

Non-interactive usage

Python Usage