Npm-token

Last update on May 25 2020 13:25:57 (UTC/GMT +8 hours)

In the previous tutorial, we showed you how to manage organization team and team membership, we also showed how to test a package.

In this tutorial we will show you how to manage your authentication tokens using npm token.

Synopsis

npm token list [--json|--parseable]
npm token create [--read-only] [--cidr=1.1.1.1/24,2.2.2.2/16]
npm token revoke <id|token>

Description

This command helps you to list, create and revoke authentication tokens.

npm token list: This option shows you a table of all active authentication tokens. You can request this to be shown as JSON with --json or can be tab-separated values using --parseable.

+-----------------------------------------------------------+
? id     ? token   ? created    ? readonly ? CIDR whitelist ?
+--------+---------+------------+----------+----------------?
? 461f27 ? c8e805? ? 2019-11-19 ? yes      ?                ?
+--------+---------+------------+----------+----------------?
? 25d9c7 ? 621949? ? 2019-11-19 ? no       ?                ?
+--------+---------+------------+----------+----------------?
? bea00e ? 6e859b? ? 2019-11-19 ? no       ?                ?
+-----------------------------------------------------------+

npm token create [--read-only] [--cidr=<cidr-ranges>]: This option creates a new authentication token. It can be either be --read-only or it can accept a list of CIDR ranges to limit use of this token to. This prompts you for your password, and, if you have enabled two-factor authentication, it will also ask you for an otp.

+----------------+--------------------------------------+
| token          | a73c9572-f1b9-8983-983d-ba3ac3bb913d |
+----------------+--------------------------------------+
| cidr_whitelist |                                      |
+----------------+--------------------------------------+
| readonly       | false                                |
+----------------+--------------------------------------+
| created        | 2019-10-02T07:52:24.838Z             |
+----------------+--------------------------------------+

npm token revoke <token|id>: This will remove an authentication token, and make it unusable immediately. This option can accept both complete tokens (as you get back from npm token create and will find in your .npmrc) and ids as shown in the npm token list output. This option will NOT accept the truncated token found in npm token list output.

Image showing the list of tokens that exists for a user.

The output for the above using the ?json flag is:

[
  {
    "token": "5ccc5f",
    "key": "089e412053e9e3e2683b8aa7f3cf7116e8df5e8f1803d94fd25712662d0cbe2713236dbd206576d1c2881d837c544f20f41c9194e171bdad3145341894971ffc",
    "cidr_whitelist": null,
    "readonly": false,
    "created": "2020-01-07T13:45:09.952Z",
    "updated": "2020-01-07T13:45:09.952Z"
  },
  {
    "token": "2f04f9",
    "key": "b2e6836f55ad3754d51fcf6b07a45702b26109365c943cdcb8747c53cce361f74b8e69399af8b0bd916d25a852bfc9af837726dd0123cac466e69cd894734d67",
    "cidr_whitelist": null,
    "readonly": false,
    "created": "2020-01-07T13:03:11.533Z",
    "updated": "2020-01-07T13:03:11.533Z"
  },
  {
    "token": "c8e805",
    "key": "461f27500aa122b8700fd9e06369428bb5181263cbf2cad5d8295880600d004db11be327ae03d5da2aab84021cf8dd0574872aac5c327ba18abd038fcde63ca9",
    "cidr_whitelist": [],
    "readonly": true,
    "created": "2019-11-19T09:51:44.615Z",
    "updated": "2019-11-19T09:51:44.615Z"
  },
  {
    "token": "621949",
    "key": "25d9c71efec751c046e79698fd5152e7a52b84f71e901027ff87c6e0f2bb247922a5f105729899fa6486366691a9036149f2a8776ef8c8512eb4ed88b2d96ed5",
    "cidr_whitelist": [],
    "readonly": false,
    "created": "2019-11-19T09:49:35.216Z",
    "updated": "2019-11-19T09:49:35.216Z"
  },
  {
    "token": "6e859b",
    "key": "bea00e0de1cd7745fcb583c507bf68986c7f7eca336ead6338d55097a156e689444c53f90e1f3ff31a896d41d266678f5957b92aef9dc0788197855561886055",
    "cidr_whitelist": null,
    "readonly": false,
    "created": "2019-11-19T09:32:11.779Z",
    "updated": "2019-11-19T09:32:11.779Z"
  }
]

Using the -parseable flag:

key     token   created readonly        CIDR whitelist
089e412053e9e3e2683b8aa7f3cf7116e8df5e8f1803d94fd25712662d0cbe2713236dbd206576d1c2881d837c544f20f41c9194e171bdad3145341894971ffc        5ccc5f  2020-01-07T13:45:09.952Z        false
b2e6836f55ad3754d51fcf6b07a45702b26109365c943cdcb8747c53cce361f74b8e69399af8b0bd916d25a852bfc9af837726dd0123cac466e69cd894734d67        2f04f9  2020-01-07T13:03:11.533Z        false
461f27500aa122b8700fd9e06369428bb5181263cbf2cad5d8295880600d004db11be327ae03d5da2aab84021cf8dd0574872aac5c327ba18abd038fcde63ca9        c8e805  2019-11-19T09:51:44.615Z        true
25d9c71efec751c046e79698fd5152e7a52b84f71e901027ff87c6e0f2bb247922a5f105729899fa6486366691a9036149f2a8776ef8c8512eb4ed88b2d96ed5        621949  2019-11-19T09:49:35.216Z        false
bea00e0de1cd7745fcb583c507bf68986c7f7eca336ead6338d55097a156e689444c53f90e1f3ff31a896d41d266678f5957b92aef9dc0788197855561886055        6e859b  2019-11-19T09:32:11.779Z        false

Previous: Npm-team and npm-test cli command
Next: Npm-uninstall and npm-unpublish cli commands