Skip to content

Authentication

Before installing keyed-extras, you'll need to authenticate with our private package registry. The easiest way is using our keyed-login CLI tool.

Choose how to run keyed-login

pipx or uv

Tip

Both pipx and uv handle creating (and removing) an ephemeral virtual environment to run the keyed-login command in.

pipx run keyed-login

uvx keyed-login

hatch or pdm

Tip

hatch and pdm don't support running tools not already installed on your system as easily as uv or pipx, but we can accomplish something similar using PEP-723 script dependencies!

Create this file,

install.py
# /// script
# requires-python = ">=3.11"
# dependencies = ["keyed-login"]
# ///

import keyed_login
keyed_login.login()

And then run either,

hatch run install.py
or

pdm run install.py

venv + pip

python -m venv temp-auth
source temp-auth/bin/activate  # On Windows: temp-auth\Scripts\activate
pip install keyed-login
keyed-login
deactivate
rm -rf temp-auth  # Clean up

conda

conda create -n temp-auth python pip
conda activate temp-auth
pip install keyed-login
keyed-login
conda deactivate
conda remove -n temp-auth --all  # Clean up

Running keyed-login

The keyed-login tool will:

  • Open GitHub in your browser to verify sponsorship
  • Configure your credentials in ~/.netrc
  • Verify access to the package registry
What's happening behind the scenes?

keyed-login uses GitHub's OAuth Device Flow to securely verify your sponsorship status, then stores a token in your .netrc file that allows pip to authenticate with the keyed private package index when downloading packages.

After running keyed-login, you can verify everything is working: 

$ keyed-login verify
If successful, you'll see output like: 
Testing access for user: dougmercer
✅ Package repository access verified
You can install packages with:
  pip install --index-url https://pkgs.keyed.dev/simple/ keyed-extras

This confirms you can successfully authenticate with the keyed-extras package registry.