Token Exchange

You play as a PyPI package maintainer who must exchange identity tokens using the OpenID Connect standard to publish packages. You must navigate the complexities of securely publishing packages without sharing long-lived passwords or API tokens. The game takes place in a tech environment where you must use your strategic skills to configure PyPI to trust an identity provided by a given OpenID Connect Identity Provider (IdP).