[npm tokens] - Named token

It would be great to have the ability to name tokens we create on npmjs.com.

This would be super useful if you want to segregate rights you give to different third party tools. Especially when you have private repositories.

At the same time, you know which token you are deleting, if for any reason you want to delete one of them. No more mis-deleted token :-)

9 Likes

As someone who just spent 30 minutes confused and unable to publish a package, only to realize I was accidentally using a read-only token from a different part of my app, I fully encourage naming or adding descriptions to tokens!

Here to +1 this.

Knowing what each of the tokens I’ve created is used for would be super useful when it comes to knowing what exactly has permissions to publish my packages.

The corollary of this that I currently have no way of knowing what currently has permission to publish my packages, which is probably bad.

2 Likes

+1.

Having the ability to add a name and/or description to a token is a much needed feature for keeping track of token usage. Without such a feature people are forced to keep track of that externally, or not at all which invites all the risks of the first poster listed.

The corollary of this that I currently have no way of knowing what currently has permission to publish my packages, which is probably bad.

+1 greate idea

Yeah, and when you irreversibly delete the token on local environment, either due to mis-deleting the .npmrc file or a complete system wipe, you will realize there is no way to determine which token to delete from the npm profile (not without checking all other tokens). +1 to this.