101

I'm trying to connect to a Azure DevOps Artifacts feed, but I keep getting an E401 error.

I've tried on a different computer and it connected just fine. I've uninstalled, and reinstalled my Node.js, and I still got the error.

Below is the error I get when I run 'npm install'

npm ERR! code E401
npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/*********, Basic realm="https://pkgsprodcus1.pkgs.visualstudio.com/", TFS-Federated

Below is what was added to the .npmrc file 

registry=https://[org].pkgs.visualstudio.com/_packaging/[feed].Npm/npm/registry
//pkgs.dev.azure.com/[org]/_packaging/[feed].Npm/npm/registry/:_authToken=[token]
//pkgs.dev.azure.com/[org]/_packaging/[feed].Npm/npm/:_authToken=[token]

I expected to be connected to the feed after adding my info to the .npmrc file, and running 'npm install'

CourtneyH
  • 1,011
  • 2
  • 6
  • 3

12 Answers12

184

I had an issue where I couldn't connect, even though I had the same .npmrc as other repos on the same machine. Running vsts-npm-auth -config .npmrc just exited, presumably happy with the cached credentials.

However, the credentials it had seemed to be bad. The solution was to force refreshing the token: vsts-npm-auth -config .npmrc -force

Simon Clough
  • 2,323
  • 1
  • 13
  • 14
  • 2
    Where to run this? I tried in Powershell and regular command prompt, also in Node command prompt, every where it is saying it is not recognized command. – Sachin Dec 16 '20 at 16:50
  • 20
    `npm install -g vsts-npm-auth` and if the command doesn't work after opening a new command line, `npx vsts-npm-auth` – TamusJRoyce Jan 14 '21 at 15:46
  • 3
    This issue happens often, whenever the token expired. This force refresh command works just fine... thanks for this. You save my day brother. – Karthikkumar Apr 19 '21 at 06:54
  • 2
    Thanks. I'm having a weird problem where my VM can't use SSL without a certificate error. Using `-force` allowed the window to stay open so I could click 'visit web site anyway'. – HankCa Jun 02 '21 at 11:34
  • vsts-npm-auth -config .npmrc -force did the work for me, thanks a lot. – MAQ Nov 23 '21 at 14:15
  • @TamusJRoyce get the 401 trying to npm install so is there another way to install it? – Pete May 25 '22 at 14:47
  • `rename %HOMEDRIVE%%HOMEPATH%\.npmrc %HOMEDRIVE%%HOMEPATH%\.npmrc.bak` then try? assuming windows. `mv ~\.npmrc ~\.npmrc.bak` otherwise. Then run `npm install -g vsts-npm-auth` and `npx vsts-npm-auth -C .npmrc -T %HOMEDRIVE%%HOMEPATH%\.npmrc -F` from project directory – TamusJRoyce May 25 '22 at 19:20
  • `subst L c:\users\[username]` - fixes where my company had above mapped to network drive (this can cause issues too) – TamusJRoyce May 25 '22 at 19:25
  • vsts-npm-auth is not available for Mac, does anyone know any solution for this? – Jaime Lovera Jun 20 '22 at 10:52
  • On MacOs you need to edit the .npmrc file as described at https://learn.microsoft.com/en-us/azure/devops/artifacts/npm/npmrc?view=azure-devops&tabs=linux%2Cclassic – Justin Rowe May 15 '23 at 09:51
  • vsts-npm-auth command does not work on macOS. – Mohammad Arif Aug 01 '23 at 09:35
31

This usually happens when you've recently changed your password. To fix this problem, I ran this command within VS Code's Powershell terminal (any terminal will work)

vsts-npm-auth -config .npmrc

With doing so, a GUI popped-up where I was able to select the account I wanted to use to authenticate.

desertnaut
  • 57,590
  • 26
  • 140
  • 166
Null
  • 482
  • 5
  • 3
15

When Microsoft updated changed the name of VSTS to Azure DevOps, they also changed many of the URLs. Most of the old ones still redirect, but it looks like you have a mismatch in your .npmrc file above. Change the URI in the first line to match the other lines, so it looks like this:

registry=https://pkgs.dev.azure.com/[org]/_packaging/[feed].Npm/npm/registry

That should unblock you.

As a note, if you have both the registry and your credentials in the same file, and that file is being committed to source control, you are also saving your credentials to source control. Best practice here is to keep .npmrc in your project root that only has that first line, the one that tells npm which registry to connect to. Then, create a new file at ~/.npmrc (if you are using Windows you can use git bash to help put it in the right place) and just add the other two lines, the ones with your credentials. This will keep your creds local to your machine and the file with the registry note can safely be committed.

Also, remember that the credentials you generate from the Azure package registry are good for 90 days at the most, so at some point you will get the unauthorized error message again and you will need to update the credentials in your local ~/.npmrc file.

mherzig
  • 1,528
  • 14
  • 26
13

I just experienced this gotcha with the Azure DevOps portal:

One of my colleagues couldn't connect. It turned out that the Azure DevOps portal inserted the text %40Local after the feed name if you copy the feed URL in the browser as I did when sharing it over MS Teams.

What my portal showed:

; begin auth token
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/registry/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/registry/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/registry/:email=npm requires email to be set but doesn't use the value
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/:email=npm requires email to be set but doesn't use the value
; end auth token

What his portal showed:

; begin auth token
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/registry/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/registry/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/registry/:email=npm requires email to be set but doesn't use the value
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/:email=npm requires email to be set but doesn't use the value
; end auth token

That caused a mismatch with the repository URL in the projects .npmrc

To fix it: Make sure the URL is correct and is matching in both user .npmrc and project .npmrc

Jonas Stensved
  • 14,378
  • 5
  • 51
  • 80
3

None of the many answers I've seen worked for me. Here's what did work for me:

If you haven't already then run: npm i -g vsts-npm-auth
Open Powershell and run: vsts-npm-auth -config .npmrc -T $HOME/.npmrc

Those 2 commands fixed my case.

P.Brian.Mackey
  • 43,228
  • 68
  • 238
  • 348
  • 3
    How do you run `npm i -g vsts-npm-auth` if you have this issue? – runnerpaul Feb 18 '22 at 14:46
  • @runnerpaul That command would only install the vsts-npm-auth package globally on your system, which is independent of this issue? – Kim Skogsmo Sep 08 '22 at 09:50
  • @Kim Skogsmo I think runnerpaul is saying that when you try to download the vsts-npm-auth that one will also give the 401 as the authorization failed. So you will never get passed that, in this case. (PAT token should help to make the first download though) – Michael May 09 '23 at 20:48
2

I've had the same error message for a slightly different reason and was scratching my head for a long time over it. Just posting here in case it helps anyone else.

vsts-npm-auth for me is outputting the new .npmrc file with its token/credentials into a .npmrc file in an old 'homes' share mapped to W: drive. (still don't know why it's doing that)

whereas npm was looking for those credentials/tokens in c:\users\[username]\.npmrc and finding old stale creds.

my workaround was to copy and paste the creds from w:\.npmrc and paste them over the creds in c:\users\[username]\.npmrc

Ben
  • 21
  • 2
1

My issue was caused by the fact that running vsts-npm-auth command wrote the URLs for username and password into my .npmrc file at %USERPROFILE%\.npmrc that were missing the last URL segment /registry. I added the /registry segment to my user .npmrc file and all is well again.

jreancsu
  • 421
  • 5
  • 13
1

First, make sure that you have installed 'vsts-npm-auth' package. If not run:

npm install -g vsts-npm-auth

Then run vsts-npm-auth -config .npmrc

It will ask you to authenticate/verify your azure devops account.

Then run npm install

Ranul Navojith
  • 21
  • 4
1

On my side I needed to delete the file in my user folder folder first.

rm C:\Users\<YourUserName>\.npmrc

After that I was able to run

vsts-npm-auth -config .npmrc

Laurent
  • 662
  • 2
  • 10
  • 13
0

We also encountered this issue when multiple scoped artifact feeds were in use but none of the answers here helped.

Running vsts-npm-auth -config .npmrc worked successfully, but when running npm commands, it would respond with the error mentioned in the OP's question.

We added the following line into our project's .npmrc file:

always-auth=true

After doing this, we re-ran the npm command and successfully authenticated.

Reisclef
  • 2,056
  • 1
  • 22
  • 25
0

follow the steps

  1. npm install -g vsts-npm-auth
  2. vsts-npm-auth -config ./$filepath/.npmrc you should mention the file path

if the issue still exists then use(it will redirect to a popup there you want to re login with your credentials) 3. vsts-npm-auth -config ./$filepath/.npmrc -r -f -v normal

Shibin Mariyan Stanly
  • 330
  • 3
  • 13
0

Go to feeds in artifacts section then click on 'connect to feed' and select npm then you will be able to see this line: "Having issues? See the instructions for using a Personal Access Token to authenticate."

Click on this line then some content(token) will come up, replace your old content of user level .npmrc file with this content and save it. Close and open your editor again. It has worked for me and hopefully it will also work for you.

desertnaut
  • 57,590
  • 26
  • 140
  • 166
Sarthak gupta
  • 1
  • 2