Token Exchange

In Token Exchange, you play as a PyPI package maintainer who must navigate a series of puzzles and challenges in order to safely and securely publish your software package. Using trusted publishing methods like OpenID Connect, you must prove your identity and request short-lived API tokens to authenticate with PyPI and publish your package. Along the way, you may encounter obstacles like hackers and security vulnerabilities that threaten to compromise your package and your identity.