npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

Publish on CI with 2fa?

How do I publish on CI when I have two-factor authentication enabled?

I want to have the benefits of two-factor auth for most operations involving humans, but my team’s setup involves publishing packages through CI builds. Is there any way to do this safely?


This isn’t currently possible, and it’s unclear when we’ll have this available.

In the meantime, you might be able to increase security without having to go straight to 2fa by using 2fa for auth-only and creating a CIDR-restricted token for CI:

https://docs.npmjs.com/getting-started/working_with_tokens#how-to-create-a-new-cidr-restricted-token