`flit publish` gets rejected with "Non-user identities cannot create new projects"

[bluenote10]

I'm trying to run flit publish for a new project for the first time, but PyPI rejects the upload with the error message:

requests.exceptions.HTTPError: 400 Client Error: Non-user identities cannot create new projects. This was probably caused by successfully using a pending publisher but specifying the project name incorrectly (either in the publisher or in your project's metadata). Please ensure that both match. See: https://docs.pypi.org/trusted-publishers/troubleshooting/ for url: https://upload.pypi.org/legacy/

I pass the credentials via setting FLIT_USERNAME to __token__ and FLIT_PASSWORD to a newly created API token that has Scope: Entire account (all projects), i.e., which should allow for creating a new projects.

I can reproduce this issue both when doing the flit publish locally, or when trying to publish from within a GitHub Action.

Reading up on that error message in the PyPI docs indicates that the error is actually related to the "trusted publishing" variant, which uses OpenID Connect (OIDC) and short-lived identity tokens. This approach seems to be an alternative to normal API tokens. What confuses me: I am using a regular API token, and nothing related to the OIDC approach. Therefore the error message doesn't really seem to make sense (there should not be a "pending publisher" when using normal API tokens).

Any ideas why the flit publish could fail with this error?

[takluyver]

It looks like there was a bug in PyPI for a bit yesterday, until a commit was reverted: https://github.com/pypi/warehouse/issues/15586 . So hopefully if you try it again now, the same thing will work.

[bluenote10]

Indeed, today it suddenly works again, thanks for finding the issue!