How to Run uv Against a Private Artifactory Python Repository with Proper Authentication

Step-by-step guide to use uv with a private Artifactory Python index: pass credentials in the index URL or configure pyproject.toml with environment variables.

When a private Artifactory repository is your Python package source, a straightforward uv run can stumble if the index requires authentication. The goal is simple: run uv against Artifactory as an alternative package index without wrestling with failed resolves due to missing credentials.

Reproducing the issue

A typical attempt looks innocent enough, but if the registry demands auth, it won’t fly:

uv run runner.py --index-url https://artifactory.mycompany.com/artifactory/repo/simple

This points uv at the correct host, yet no credentials are supplied, so dependency resolution cannot proceed in an authenticated environment.

What’s going on

The package index is not the default public registry and requires authentication. That means uv needs explicit credentials to talk to Artifactory. You can provide them inline for a one-off run or set them up at the project level for repeatable workflows.

uv is also known to work with JFrog's Artifactory.

The official guidance can be minimal, so here are two concrete ways to make it work.

Fix: one-off invocation

For quick runs, embed credentials directly in the index URL. This solves the authentication challenge immediately for that single execution.

uv run runner.py --index-url https://<username>:<token-or-password>@<artifactory-repo-url>

For example:

uv run runner.py --index-url https://myuser:mypassword@artifactory.mycompany.com/artifactory/repo/simple

This approach is tailored to ad-hoc use and does not require project files to be modified.

Fix: project-level configuration

For longer-term use, store the index URL in pyproject.toml and set credentials via environment variables. This keeps the URL in versioned config while leaving secrets out of the file.

pyproject.toml

[[tool.uv.index]]
name = "internal"
url = "https://artifactory.mycompany.com/artifactory/repo/simple"

Then export the environment variables in your shell (you can add them to your shell profile so they persist across sessions):

export UV_INDEX_PRIVATE_REGISTRY_USERNAME="myusername"
export UV_INDEX_PRIVATE_REGISTRY_PASSWORD="mypassword"

With this in place, uv can authenticate against the configured alternative index whenever the project is executed.

Why this matters

Teams frequently work with internal package registries. Having a reliable way to point uv at Artifactory and authenticate consistently reduces friction during development and keeps the workflow predictable. Given that official notes can be brief, a clear, minimal setup helps avoid guesswork.

Wrap-up

If you need a quick one-time run, provide credentials inline with --index-url. If you plan to use Artifactory regularly, define the index in pyproject.toml and supply credentials via UV_INDEX_PRIVATE_REGISTRY_USERNAME and UV_INDEX_PRIVATE_REGISTRY_PASSWORD. With either route, uv will resolve dependencies from your authenticated Artifactory index without surprises.