When you have to login to npm for multiple organisations it can be easier to use an
.npmrc file that you move around rather than
npm login command.
The npmrc file
The .npmrc file sits in the root of a project. The rc file allows you to set specific settings for that project.
Npm will use the first instance of a setting it finds starting in the local repository and moving to your home folder. This allows you to have specific settings for logging in to special package repositories.
First - do not commit the file!
Make sure you add .npmrc to your .gitignore file. It contains a secret token.
Do not check your npmrc with auth token into the source control.
Scoped authentication using an npmrc file
Different package repositories will have different credential methods but it is usually a token of some kind that is passed through a query string parameter. e.g. for npm it is
Here is an example on an npmrc if you wanted to log in to npm for most of the packages, but you have your
@myPrivateOrg packages in jfrog.
//registry.npmjs.org/:_authToken=YOUR_NPM_TOKEN_HERE @myPrivateOrg:registry=https://myPrivateOrg.jfrog.io/artifactory/api/npm/node-packages/ //myPrivateOrg.jfrog.io/artifactory/api/npm/node-packages/:_auth=YOUR_JFROG_TOKEN_HERE //myPrivateOrg.jfrog.io/artifactory/api/npm/node-packages/:always-auth = true package-lock=true email = firstname.lastname@example.org
Note that the tokens are usually base64 encoded. I talk about how to do this on mac here: https://www.darraghoriordan.com/2021/02/07/set-jira-release-azure-devops-pipeline/
Hope that helps!