Revoking an NPM token

I’m trying to revoke an NPM token because it was accidently published. How can I do that? I tried changing the password, but when adding a new user it just has the same token.

Are you talking about the _authToken assigned to your .npmrc file when you npm login? Or user token? Or something else?
Sorry for my confusion.

Hi @jtom ,

I could not figure it out how to generate _authToken . Do you know how to generate one with my credentials ?

I tried with npm login / npm adduser ... and provided credentials but these commands didn’t add these tokens to the .npmrc automatically.

thankyou in advance! npm Security should help you. Notably “Authentication Using Basic Auth” section speaks to generating the token.