• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1---
2title: npm-token
3section: 1
4description: Manage your authentication tokens
5---
6
7### Synopsis
8
9```bash
10npm token list
11npm token revoke <id|token>
12npm token create [--read-only] [--cidr=list]
13```
14
15Note: This command is unaware of workspaces.
16
17### Description
18
19This lets you list, create and revoke authentication tokens.
20
21* `npm token list`:
22  Shows a table of all active authentication tokens. You can request
23  this as JSON with `--json` or tab-separated values with `--parseable`.
24
25```bash
26+--------+---------+------------+----------+----------------+
27| id     | token   | created    | read-only | CIDR whitelist |
28+--------+---------+------------+----------+----------------+
29| 7f3134 | 1fa9ba… | 2017-10-02 | yes      |                |
30+--------+---------+------------+----------+----------------+
31| c03241 | af7aef… | 2017-10-02 | no       | 192.168.0.1/24 |
32+--------+---------+------------+----------+----------------+
33| e0cf92 | 3a436a… | 2017-10-02 | no       |                |
34+--------+---------+------------+----------+----------------+
35| 63eb9d | 74ef35… | 2017-09-28 | no       |                |
36+--------+---------+------------+----------+----------------+
37| 2daaa8 | cbad5f… | 2017-09-26 | no       |                |
38+--------+---------+------------+----------+----------------+
39| 68c2fe | 127e51… | 2017-09-23 | no       |                |
40+--------+---------+------------+----------+----------------+
41| 6334e1 | 1dadd1… | 2017-09-23 | no       |                |
42+--------+---------+------------+----------+----------------+
43```
44
45* `npm token create [--read-only] [--cidr=<cidr-ranges>]`:
46  Create a new authentication token. It can be `--read-only`, or accept
47  a list of
48  [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)
49  ranges with which to limit use of this token. This will prompt you for
50  your password, and, if you have two-factor authentication enabled, an
51  otp.
52
53  Currently, the cli can not generate automation tokens. Please refer to
54  the [docs
55  website](https://docs.npmjs.com/creating-and-viewing-access-tokens)
56  for more information on generating automation tokens.
57
58```bash
59+----------------+--------------------------------------+
60| token          | a73c9572-f1b9-8983-983d-ba3ac3cc913d |
61+----------------+--------------------------------------+
62| cidr_whitelist |                                      |
63+----------------+--------------------------------------+
64| readonly       | false                                |
65+----------------+--------------------------------------+
66| created        | 2017-10-02T07:52:24.838Z             |
67+----------------+--------------------------------------+
68```
69
70* `npm token revoke <token|id>`:
71  Immediately removes an authentication token from the registry.  You
72  will no longer be able to use it.  This can accept both complete
73  tokens (such as those you get back from `npm token create`, and those
74  found in your `.npmrc`), and ids as seen in the parseable or json
75  output of `npm token list`.  This will NOT accept the truncated token
76  found in the normal `npm token list` output.
77
78### Configuration
79
80#### `read-only`
81
82* Default: false
83* Type: Boolean
84
85This is used to mark a token as unable to publish when configuring limited
86access tokens with the `npm token create` command.
87
88
89
90#### `cidr`
91
92* Default: null
93* Type: null or String (can be set multiple times)
94
95This is a list of CIDR address to be used when configuring limited access
96tokens with the `npm token create` command.
97
98
99
100#### `registry`
101
102* Default: "https://registry.npmjs.org/"
103* Type: URL
104
105The base URL of the npm registry.
106
107
108
109#### `otp`
110
111* Default: null
112* Type: null or String
113
114This is a one-time password from a two-factor authenticator. It's needed
115when publishing or changing package permissions with `npm access`.
116
117If not set, and a registry response fails with a challenge for a one-time
118password, npm will prompt on the command line for one.
119
120
121
122### See Also
123
124* [npm adduser](/commands/npm-adduser)
125* [npm registry](/using-npm/registry)
126* [npm config](/commands/npm-config)
127* [npmrc](/configuring-npm/npmrc)
128* [npm owner](/commands/npm-owner)
129* [npm whoami](/commands/npm-whoami)
130* [npm profile](/commands/npm-profile)
131