NPM tokens (generate, revoke)


#1

Hello,

I’m setting up a NPM repos for a few projects and I have a few questions.

Is there a way to get the NPM token from GUI or API or is the only option to login via npm adduser and then get the token from .npmrc?

How can I see all active NPM tokens?

How can I revoke a NPM token?

Can a single user have multiple tokens? Does Nexus generate unique token for every npm adduser?

thanks, Matej


#2

Hey Matej,

Check out the section in the docs around npm security. I think this should give you the answers you’re after:

https://help.sonatype.com/repomanager3/node-packaged-modules-and-npm-registries#NodePackagedModulesandnpmRegistries-npmSecurity