Get started with Python packages in Azure Artifacts

Azure DevOps Services | Azure DevOps Server 2022 - Azure DevOps Server 2019

This guide will walk you through using Azure Artifacts to publish and consume Python packages to and from your feed.

Create a feed

  1. Sign in to your Azure DevOps organization, and then navigate to your project.

  2. Select Artifacts, and then select Create Feed to create a new feed.

  3. Enter a descriptive Name for your feed and define its Visibility (indicating who can view packages within the feed). Specify the Scope of your feed, and if you wish to include packages from public sources, mark the Upstream sources checkbox.

  4. Select Create when you're done.

    A screenshot showing how to create a need feed.

Connect to feed

There are two primary ways to connect to a feed to publish or consume your Python packages:

  1. Install and use the artifacts-keyring package, which will automatically set up authentication for you.
  2. Manually set up credentials for your .pypirc pushes, and your pip.ini/pip.conf for pulls with a personal access token (PAT).


artifacts-keyring is not supported on newer versions of Ubuntu.

Use artifacts-keyring to set up authentication

The artifacts-keyring package allows you to set up authentication to publish and consume your Python packages to and from your feed. Both pip and twine use the Python keyring library to find credentials.


You must have pip 19.2 and twine 1.13.0 or higher to use artifacts-keyring. See Usage requirements for more details.

  1. In an elevated command prompt window, run the following command to install the artifacts-keyring package:

    pip install artifacts-keyring
  2. To install a package from your feed, run the following command:

    • Project scoped feed:

      pip install <PACKAGE_NAME> --index-url<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/pypi/simple
    • Organization scoped feed:

      pip install <PACKAGE_NAME> --index-url<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/pypi/simple
  3. To publish a package to your feed, run the following command:

    • Project scoped feed:

      twine upload --repository-url<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/pypi/upload
    • Organization scoped feed:

      twine upload --repository-url<ORGANIZATION_NAME>/_packaging/<FEED_NAME>/pypi/upload


The artifacts-keyring package is layered on top of the Azure Artifacts Credential Provider. For more advanced configuration options, check out the artifacts-credprovider repository.

Manually configure authentication

  1. Create a Personal access token with Packaging > Read scope to authenticate with Azure DevOps.

  2. Select Artifacts, and then select your feed then select Connect to feed.

    A screenshot highlighting the connect to feed button.

  3. Select pip under the Python section.

    A screenshot highlighting the pip package type.

  4. If this is your first time using Azure Artifacts with twine, select Get the tools to download and install the prerequisites.

  5. Create a virtualenv, if you don't already have one.

  6. Add a pip.ini (Windows) or a pip.conf (Mac/Linux) file to your virtualenv. Make sure you don't check your personal access token into a public repository.

    • Project scoped feed:

    • Organization scoped feed:

  7. Run the following command in your project directory to install your package.

    pip install <PACKAGE_NAME>

When you connect to Azure DevOps for the first time, you'll be prompted for credentials. Enter your user name(any string) and your personal access token in the appropriate fields. The credentials will be cached locally and used to automatically sign you in the next time you use the service.


If you want to publish or consume your packages using Azure Pipelines, use the Python Pip Authenticate task to authenticate and install packages, or the Python Twine Upload Authenticate task to publish your packages.