26

I would like to use an access token to publish and retrieve from an artifactory npm repo from a CI environment. I have created a Bearer token using the artifactory API but when I try and use that for access in the .npmrc with the format:

//mydomain.jrog.io/:_authToken=myveryverylongaccesstoken
registry=https://mydomain.jfrog.io/mydomain/api/npm/npm

I always receive 401 errors back.

In addition, though perhaps a different issue, if I try to use npm login with my actual artifactory credentials I get the response:

adduser Incorrect username or password
npm WARN adduser You can reset your account by visiting:
npm WARN adduser 
npm WARN adduser     https://npmjs.org/forgot
npm WARN adduser 
npm ERR! code E403
npm ERR! forbidden No oauth npm default login configuration found: org.couchdb.user:myusername

The artifactory docs around access tokens explicitly say this is the sort of use case to set up an access token, but the docs around setting up the npm repo alwyas seem to imply you need a real user account and make no mention of access tokens...

Robin Southgate
  • 487
  • 1
  • 5
  • 11

7 Answers7

35

What is your artifactory version?

The "npm login" way is only supported since 5.4 (aka. _authToken), so if you are below that, your only chance is to authenticate with BASIC authentication (aka. _auth).

Basic authentication is fairly easy to setup, Artifactory provides an easy entry point to help you set up your .npmrc

Launch the following (and do not forget to replace user and encrypted_password with the Artifactory user account you want to authenticate with)

curl -u user:encrypted_password https://mydomain.jfrog.io/mydomain/api/npm/auth

It will output something like

_auth = YourLongBasicAuthToken always-auth = true email = user@server.com

Copy these 3 lines in your .npmrc, and this should work well...

Arnaud Jeansen
  • 1,619
  • 15
  • 27
  • 2
    Thank you, this was very specifically my problem :) – Saturn K Oct 12 '17 at 21:32
  • can I use both somehow? my CI works only with `_auth` and my local setup `_authToken`. I suppose the difference is `npm` version? I tried to set both values simultaneously hoping this will help but it didnt – godblessstrawberry Feb 03 '23 at 10:27
7

To generate the contents for .npmrc, use an existing user like admin with its password

curl -uadmin:<PASSWORD> http://<ARTIFACTORY_SERVER_DOMAIN>/artifactory/api/npm/auth

afterwards you can replace/set the _auth key with any base64 encoded username:ACCESS_TOKEN

for scoped packages, use

curl -uadmin:<PASSWORD> http://<ARTIFACTORY_SERVER_DOMAIN>/artifactory/api/npm/npm-repo/auth/<SCOPE>

and set ..username and .._password (base64) with any user and access token

pHiL
  • 1,722
  • 18
  • 19
  • Instead of password, you can also use an APIKey: https://jfrog.com/help/r/jfrog-artifactory-documentation/npm-registry#:~:text=~/.npmrc-,Getting%20.npmrc%20entries%20directly%20from%20Artifactory,-Run%20the%20following – Bruno Marotta Aug 09 '23 at 15:39
4
  1. Using Basic Authentication Using the next described steps you should change your local .nprmc file with the output of the command
  • To retrieve the next fields _auth, email and always-auth automatically generated -> Run the following command to retrieve these strings directly from Artifactory:

curl -u {username}:{API_key} http://{artifactory_server_domain}/{domain}/artifactory/api/npm/auth

Notes:

Aleksadr Polishchuk
  • 41
  • 3
2

The _auth line in the other answers breaks some scoped package retrieval from npmjs. I found that I needed to use specific _auth for just the one registry I was using. See my original answer here https://stackoverflow.com/a/57014522/442837

dres
  • 1,172
  • 11
  • 15
0

in addition to the previously offered solutions:

curl -u username:encrypted_password http://<ARTIFACTORY_SERVER_DOMAIN>/artifactory/api/npm/auth >> ~/.npmrc
curl -u username:personal_api_key http://<ARTIFACTORY_SERVER_DOMAIN>/artifactory/api/npm/auth >> ~/.npmrc

here is another option without using curl (*does not work with API key):

npm config set _auth $(echo -n username:encrypted_password | base64)
Nazar
  • 91
  • 4
0

My experience adds to the comments made by others.

I was working with jfrog and already placed the package in jfrog. When trying to resolve that using jfrog.

I got the error "npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm"" when i checked logs.

After spending hours trying to resolve. I came across the documentation. https://www.jfrog.com/confluence/display/JFROG/npm+Registry#npmRegistry-ConfiguringthenpmClientforaScopeRegistry

This is very useful..The issue is I'm just pasting the access token instead of base64 encoded one. the helpful part of the page

Then I ran that command curl -u admin with a new credentials and token and got back the base64 encoded one.

Then it started working ..Hope it's helpful to anyone working with jfrog

Eric Aya
  • 69,473
  • 35
  • 181
  • 253
Durgaprasad A
  • 1
  • 1
-6

For windows user :-

1/ Add https://registry.npmjs.org to .npmrc to user profile on top:

registry=https://registry.npmjs.org

or 2/ Run below command

npm config set registry  https://registry.npmjs.org
Antonin GAVREL
  • 9,682
  • 8
  • 54
  • 81
Abhishek Singh
  • 5
  • The user is asking how to deal with auth issues to his private npm repository. Switching to the public npm registry is not an option for a lot of developers coz there's private IP stored in private npm repos. – Siddhu May 29 '20 at 09:04