Revoking an NPM token

I’m trying to revoke an NPM token because it was accidently published. How can I do that? I tried changing the password, but when adding a new user it just has the same token.

Are you talking about the _authToken assigned to your .npmrc file when you npm login? Or user token? Or something else?
Sorry for my confusion.
-Joe

Hi @jtom ,

I could not figure it out how to generate _authToken . Do you know how to generate one with my credentials ?

I tried with npm login / npm adduser ... and provided credentials but these commands didn’t add these tokens to the .npmrc automatically.

thankyou in advance!

@sanu.solutions npm Security should help you. Notably “Authentication Using Basic Auth” section speaks to generating the token.