`npm adduser --always-auth` does not always authenticate

cli
priority:low
triaged

(Jb) #1

What I Wanted to Do

I want to add credentials for a private registry and that all calls are always authenticated

What Happened Instead

Credentials are present in the .npmrc file but calls to this registry are not authenticated

Reproduction Steps

npm adduser --registry=https://npm.example.com --scope=@example-private --always-auth
npm install @example-private/test -g

npm ERR! code E403
npm ERR! 403 Forbidden: @example-private/test

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/jblandry/.npm/_logs/2018-09-21T19_01_07_348Z-debug.log

Details

~/.npmrc content

@example-private:registry=https://npm.example.com/
//npm.example.com/:_authToken=M2PAaZhLo0jckUq6PxUEi9XKqdmJ9D9KlpEYPyXnegVR84yJNiilZA0X+ZkuwR2T

Platform Info

$ npm --versions
{ npm: '6.4.1',
  ares: '1.14.0',
  cldr: '33.1',
  http_parser: '2.8.0',
  icu: '62.1',
  modules: '64',
  napi: '3',
  nghttp2: '1.33.0',
  node: '10.11.0',
  openssl: '1.1.0i',
  tz: '2018e',
  unicode: '11.0',
  uv: '1.23.0',
  v8: '6.8.275.32-node.28',
  zlib: '1.2.11' }

$ node -p process.platform
darwin

(Kat Marchán) #2

I have a strong suspicion this is a bug with your third-party registry. Can you verify on that registry’s side that you’re actually receiving the bearer token? I suspect you would be.