Skip to main content

anaconda-auth

The anaconda-auth package handles authentication across the Anaconda ecosystem. If you’re using Anaconda CLIs or APIs, you’ll use this package to log in, manage API keys, and configure secure access to Anaconda’s curated repositories. This tool supports both command-line and Python interfaces, and stores credentials using system keyring or a dedicated file-based store.

Installing anaconda-auth

  1. Open Anaconda Prompt (Terminal on macOS/Linux).
  2. Install anaconda-auth by running the following command: 
    conda install --name base anaconda-auth --channel https://repo.anaconda.cloud/repo/anaconda-tools --override-channels
If you already have anaconda-auth installed, it’s best practice to update to the latest version from time to time:
conda update anaconda-auth anaconda-anon-usage  --channel https://repo.anaconda.cloud/repo/anaconda-tools --override-channels

CLI usage

You’ll interact with the CLI using anaconda auth and anaconda token commands:

anaconda auth commands

anaconda auth [OPTIONS] <COMMAND> [ARGS]...
Global Options
OptionDescription
--version, -VShow version and exit
--helpShow help message
Available Commands
CommandDescriptionArguments
loginOpen browser to authenticate with Anaconda[anaconda.com, anaconda.org] [default: None]
logoutRemove stored API key
whoamiShow the authenticated user
api-keyPrint your current API key
Examples 
# Log in to Anaconda.com at the command line
anaconda login --at anaconda.com

# Display information about you as a user
anaconda auth whoami

# Display your current API key
anaconda auth api-key
anaconda-auth also allows for authentication to Anaconda.org. If you do not include --at anaconda.com, you will be prompted to select a domain.

anaconda token commands

anaconda token [OPTIONS] <COMMAND> [ARGS]...
Global Options
OptionDescription
--helpShow help message
CommandDescriptionArguments
installIssue and set a new token
listShow all installed tokens
configConfigure conda to use a token for private access--force
--no-force
Default: no-force
uninstallRemove a token for a specific organization--org <ORG_ID>
Your <ORG_ID> is part of your organization’s URL: https://anaconda.com/app/organizations/<ORG_ID>.
When you log in with anaconda-auth, a is stored in the specified storage location. This token is deleted when you log out. The auth token is valid for one year.
For more information on token storage, see Token Storage.
Examples 
# Issue and set yourself an organization access token
anaconda token install

# Remove an access token for an organization
anaconda token uninstall --org data-science-snakes

Configuration

You can configure anaconda-auth by either:
  • Setting parameters in the plugin.auth section of the ~/.anaconda/config.toml file.
  • Setting one or more ANACONDA_AUTH_ environment variables or using a .env file in your working directory.
Setting variables in an .env file in your working directory takes precedence over the ~/.anaconda/config.toml file.

Configuration Parameters

Config KeyEnv VarDescriptionDefault
domainANACONDA_AUTH_DOMAINAnaconda API domain"anaconda.com"
ssl_verifyANACONDA_AUTH_SSL_VERIFYVerify SSL certificatestrue
preferred_token_storageANACONDA_AUTH_PREFERRED_TOKEN_STORAGEToken store: system or anaconda-keyring"anaconda-keyring"
api_keyANACONDA_AUTH_API_KEYExplicit API key
if None, defaults to keyring storage		None
extra_headersANACONDA_AUTH_EXTRA_HEADERSExtra HTTP headers in JSONNone
[plugin.auth]
ssl_verify = false
preferred_token_storage = "anaconda-keyring"

Using anaconda-auth in automated workflow environments

If you want to utilize Anaconda services as part of an automated workflow or CI/CD pipeline, you can use your API key to authenticate your conda client programmatically. In the automated workflow system, set the API key using one of the following methods:
  • Using the API key
  • Using the keyring file
  1. Retrieve your API key by running the following command: 
    anaconda auth api-key
  2. On your automated workflow system, set the API key using one of the following methods:
    • Environment Variable
    • Config File
    • Docker Container
    Set the ANACONDA_AUTH_API_KEY environment variable:
    # Replace <YOUR_API_KEY> with the return from the previous command
export ANACONDA_AUTH_API_KEY="<YOUR_API_KEY>"

Python Usage

You can also use anaconda-auth in Python scripts and applications to authenticate your conda client programmatically. 
from anaconda_auth import login, logout

login()  # Initiates browser-based login
If a valid token is already present, login() does nothing. To override this behavior: 
login(force=True)
To remove the API key from your keyring storage, use the logout() function. 
from anaconda_auth import logout

logout()
For more information about using anaconda-auth to make API requests, see the official anaconda-auth docs on GitHub.
I