I’m working on automating package publishing through continuous integration and running into authentication issues. My workflow includes a step that should handle the publishing process:
I’ve confirmed that the REGISTRY_TOKEN is properly configured in my repository secrets. However, the build keeps failing with this message: npm error need auth This command requires you to be logged in to https://registry.npmjs.org/
What’s strange is that publishing works perfectly when I do it manually from my local development environment. I recently enabled two-factor authentication on my npm account, which might be related to this issue.
Any suggestions on how to resolve this authentication problem in the automated environment?
Your CI can’t authenticate with npm because it’s missing the right config. You’ve got NODE_AUTH_TOKEN set up, but you need this line in your .npmrc file: //registry.npmjs.org/:_authToken=${NODE_AUTH_TOKEN}. Without it, npm doesn’t know where to use the token.
Since you’ve got 2FA enabled, regular user tokens won’t work in CI anyway. Go to your npm account settings and generate an Automation token instead - these skip 2FA for CI/CD. Swap out your current REGISTRY_TOKEN secret with this automation token and you should be good to go.
Same thing happened to us after enabling 2FA - deployments just started crashing. Our CI wasn’t handling the auth token right. You need to create the .npmrc file in your workflow before npm publish runs. Add this step: echo "//registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN" > ~/.npmrc right before publishing. Double-check your package.json has the right publishConfig registry too. Everyone’s right about using automation tokens - regular tokens won’t work with 2FA in CI.
hey, i had this issue too! double-check your .npmrc for that token line. also, if 2FA is on, try using an automation token instead. it might do the trick! good luck!