Some organizations host their own packages on private package registries that require authentication to access. If you are an employee or customer of one of those organizations, you must configure a scoped registry with npm authentication. To set this up, get an npm authentication token and then add that token to your user configuration file.
The process of creating and accessing an npm authentication token is different for each registry provider. For example, JFrog’s Bintray and Artifactory repository managers use a different procedure to generate the authentication token from npm. This is an example of a typical procedure, but you need to follow the process recommended by the specific package registry provider for your scoped registry.
To fetch an authentication token from npm:
Install npm locally on your machine.
From a terminal, enter this command to log into the registry:
$ npm login --registry <registry url>
Locate and open the generated .npmrc file.
Locate either the _authToken
or the _auth
entry and copy its value (see the example below).
Depending on the registry, the token string can be either a GUID, a token, or a proprietary-formatted string.
This is an example of an .npmrc
file containing an _authToken
attribute:
registry=https://example.com:1234/mylocation/
//example.com:1234/mylocation/:_authToken=<AUTH TOKEN>
This is an example of an .npmrc
file containing an_auth
attribute:
registry=https://example.com:1234/mylocation
_auth=<AUTH TOKEN>
email=<EMAIL>
always-auth=true
Store your token information for each scoped registry that requires authentication in the .upmconfig.toml
user configuration file using the npmAuth
configuration schema. Once you save this information to the configuration file, Package Manager will provide your authentication information on every request made to each registry in the file.
Follow these instructions to add your authentication information to the user configuration file:
Locate the .upmconfig.toml
user configuration file. If the file does not already exist, create an empty text file.
Format your authentication information using a schema, depending on whether you are using a Bearer (token-based) or Basic (Base64-encrypted) authentication mechanism:
[npmAuth."<REGISTRY URL>"]
<TOKEN-PROPERTY> = "<TOKEN-VALUE>"
email = "<EMAIL>"
alwaysAuth = <BOOLEAN>
This table clarifies how to specify the configuration file values:
Entry: | Description: |
---|---|
[npmAuth."<REGISTRY URL>"] |
Required. URL for the registry. For example, [npmAuth."https://example.com:8081/mylocation"] . |
<TOKEN-PROPERTY> = "<TOKEN-VALUE>" |
Required. The authentication token generated from the npm registry. This could be either a GUID, a token, or a proprietary-formatted string. For example, this could be either token = "<AUTH TOKEN>" (Bearer) or _auth = "<BASE64 TOKEN>" (Basic). |
Optional. Email address for the user matching the user’s email on the registry. | |
alwaysAuth | Optional. Set to true if the package metadata and tarballs are not located on the same server. Typically, you can copy the value from the .npmrc file you generated. |
[npmAuth."http://localhost:8081/myrepository/mylocation"]
token = "NpmToken.2348c7ea-6f86-3dbe-86b6-f257e86569a8"
alwaysAuth = true
[npmAuth."http://localhost:4873"]
token = "eaJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyZWFsX2dyb3VwcyI6WyJwYXNjYWxsIl0sIm5hbWUiOiJwYXNjYWxsIiwiZ3JvdXBzIjpbInBhc2NhbGwiLCIkYWxsIiwiJGF1dGhlbnRpY2F0ZWQiLCJAYWxsIiwiQGF1dGhlbnRpY2F0ZWQiLCJhbGwiLCJwYXNjYWxsIl0sImlhdCI6MTU3NDY4ODQ5MCwibmJmIjoxNTc0Njg4NDkxLCJleHAiOjE1Nzk4NzI0OTB9.qF8_0ue1ppraWLkReT06AMG6R7RZuDiV2XinxMkdSo0"
[npmAuth."https://api.bintray.example/npm/mycompany/myregistry"]
token = "aGFzY2FsbDo4ZWIwNTM5NzBjNTI3OTIwYjQ4MDVkYzY2YWEzNmQxOTkyNDYzZjky"
email = "username@example.com"
alwaysAuth = true
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
More information
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. Some 3rd party video providers do not allow video views without targeting cookies. If you are experiencing difficulty viewing a video, you will need to set your cookie preferences for targeting to yes if you wish to view videos from these providers. Unity does not control this.
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.