Configure Your Connection to the Project's NPM Registry

To simplify the NPM configuration process, VB Studio generates a snippet for you to use your local .npmrc file. The NPM command line client needs this information to establish a connection with your project's NPM registry and the default external NPM registry. There are two ways to establish your connection: with basic authentication or with token-based authentication.

Configure Basic Authentication

To set up your connections with basic authentication:
  1. In the npm Configuration section on the NPM page, in the Basic tab, enter your VB Studio password, which VB Studio encodes and inserts into the NPM configuration snippet located below it.

    Your password isn't stored. It's only used to generate a base64-encoded string for the NPM configuration snippet.

  2. Copy the contents from the NPM Configuration snippet and manually paste it into your local .npmrc file:
    • On a Windows system, the .npmrc file is in %USERHOME/.npmrc.
    • On a UNIX system, the file location is ~/.npmrc.

    Note:

    Don't change the always-auth property value to "true" in your local .npmrc file. The default value for the property is "false" and must not be changed. If you set the always-auth property to "true", the NPM client sends an Authorization header to the remote proxied public NPM Registry.

    The contents of the Default tab configure your connection to the project's private NPM registry to push both scoped (any scoped package) and unscoped packages. The contents of the Scoped tab configure the connection to the project's private NPM registry for a particular scoped value only.

  3. Save your local .npmrc file.

Configure Token-Based Authentication

Note:

The npm login command won't generate a token for an NPM client if your username contains non-URL-safe special characters, such as the @ character. This limitation means that your username cannot be an email address if you want to use the npm login command for token generation (and use the generated token to perform NPM operations such as npm install, npm publish, and npm search).

To configure token-based authentication, you can simply use the Get .npmrc entries directly token generation option that doesn't have this limitation. VB Studio generates the necessary snippet to copy and paste into your .npmrc file so you can use the access token with your current username. The alternative is having your organization administrator generate an IDCS user (has no non-safe characters in the username) for you.

To set up your connections with token-based authentication:
  1. In the NPM page's npm Configuration section, select the Token tab.

    NPM Configuration page with the Token tab and the Get .npmrc entries directly radio button selected.

  2. Choose a configuration method for token-based authentication:
    • Select the Get .npmrc entries directly option to generate the token and retrieve the required .npmrc entries directly from VB Studio. See step 3.
    • Select the Use npm login manually option only if your username contains no non-URL-safe characters. You could then supply your VB Studio login credentials when prompted after entering npm login on the command line. See step 4.
  3. After selecting Get .npmrc entries directly, click Get .npmrc Entries.
    The Get .npmrc Entries dialog displays. Get .npmrc Entries dialog showing the snippet in the Default tab that you copy and paste into your .npmrc file.
    1. Click Copy to copy the generated .npmrc entries in the Default tab (to push both scoped and unscoped packages) or the Scoped tab (to push a particular scoped package only).
    2. Paste the content you just copied into your local .npmrc file and save it.
    3. Click Dismiss to close the dialog.

    Note:

    If you are an org administrator and, after clicking Get .npmrc Entries, see a warning message that you reached the maximum number of tokens allowed per user, to create another token to use with NPM, you can either click Dismiss and then delete the existing tokens by going to the Personal Access Tokens tab on your Preferences page and using the Delete icon Delete icon to delete some of your existing tokens or you can click Open Access Token Settings to go to the Organization page's Properties tab and change the maximum value for the entire organization.

    If you are not an org administrator and, after clicking Get .npmrc Entries, see the message about having too many tokens, to create another token to use with NPM, you can either click Dismiss and then delete the existing tokens by going to the Personal Access Tokens tab on your Preferences page and using the Delete icon Delete icon to delete some of your existing tokens or you can ask one of the org administrators shown in the dialog to change the maximum number of tokens allowed per user.

    See Set Up Token-Based Authentication for more information about creating personal access tokens.

  4. After selecting Use npm login manually, the npm Configuration section in the Browse tab displays this information.
    npm-use-npm-login-manually.png
    1. Click Copy to copy the snippet in the Default tab (to push both scoped and unscoped packages) or the Scoped tab (to push a particular scoped package only).
    2. Paste the contents you just copied into your local .npmrc file and save it:
      • On a Windows system, the .npmrc file is in %USERHOME/.npmrc.
      • On a UNIX system, the file location is ~/.npmrc.
    3. Click Copy to copy the provided npm login command (for all scoped and unscoped packages) or npm login --scope=@scope<scope> command (for scoped packages only).
    4. Paste the command you just copied to the command line and run it. Modify the scope, as needed and supply your VB Studio login credentials when you're prompted for them.

      VB Studio generates a personal access token and, once the NPM client receives the response that contains the generated token, it adds that to your .npmrc file. This process generates a non-expirable token.

      You can examine the details for the token in the Personal Access Tokens tab under the user Preferences. Select the token and view the information in the Basic Details and Scopes tabs.

The token remains valid until the you change your password. You can also invalidate a single token by logging out on a machine where you're logged in with that token.