See also:
Article

Authenticating to an npm registry

How to authenticate to an npm registry?
People looking at computer screens

To load private packages from the npm package registry or a private registry using npm install, the npm client needs to authenticate to the registry.

npm uses the _authToken values from the .npmrc file to authenticate to each registry. The following .npmrc for example, makes npm use TOKEN to authenticate to the npm registry:

//registry.npmjs.org/:_authToken=TOKEN

The .npmrc file is stored in the home directory and the values can be viewed and edited using npm config. The values can be overridden by the .npmrc configuration in the project root.

Alternatively, the user can log in to a registry using npm login. This command requires entering the username and password, but all it does is obtain the authentication token and save it to .npmrc. Saving the token to .npmrc directly is a great way to "log in" to the npm registry non-interactively which is useful in CI/CD workflows that run npm install inside Docker.

Last updated on 1/1/2020 by Anton Vasetenkov.