Creating and viewing authentication tokens

You can create and view authentication tokens from the website and command line interface (CLI).

Creating authentication tokens

Creating tokens on the website

  1. In the upper right corner of the page, click your profile picture, then click Tokens. profile dropdown menu with tokens link selected
  2. Click Create New Token. create new token button
  3. Select the access level:
    • Read and Publish: Recommended for continuous deployment and other environments where a deploy artifact is created and published to npm.
    • Read Only: Recommended for continuous integration and other environments where a deploy artifact is not created. token access level radio buttons with read and publish selected
  4. Click Create Token.
  5. Copy the token from the top of page.

Creating tokens with the CLI

You can create tokens with read and publish permissions, read-only permissions, and CIDR-whitelisted tokens with either read and publish or read-only permissions with the CLI.

  1. To create a new token, on the command line, run:
    • npm token create for a read and publish token
    • npm token create --read-only for a read-only token
    • npm token create --cidr=[list] for a CIDR-restricted read and publish token. For example, npm token create --cidr=192.0.2.0/24
    • npm token create --read-only --cidr=[list] for a CIDR-restricted read-only token
  2. When prompted, enter your password.
  3. If you have enabled two-factor authentication, when prompted, enter a one-time password.
  4. Copy the token from the token field in the command output.

CIDR-restricted token errors

If the CIDR string you enter is invalid or in an inappropriate format, you will get an error similar to the one below:

npm ERR! CIDR whitelist contains invalid CIDR entry: X.X.X.X./YY,Z.Z.. . .

Make sure you are using a valid IPv4 range and try creating the token again.

Viewing tokens

Note: You can only view a full token immediately after creation.

Viewing tokens on the website

To view all tokens associated with your account, in the upper right corner of the page, click your profile picture, then click Tokens.

profile dropdown menu with tokens link selected

Viewing tokens on the CLI

To view all tokens associated with your account, on the command line, run the following command:

npm token list

Token attributes


< About authentication tokens | Revoking authentication tokens >