'Unable to Authenticate' when trying to connect to Azure DevOps Artifacts feed through npm; I get an E401 error

I had an issue where I couldn't connect, even though I had the same .npmrc as other repos on the same machine. Running vsts-npm-auth -config .npmrc just exited, presumably happy with the cached credentials.

However, the credentials it had seemed to be bad. The solution was to force refreshing the token: vsts-npm-auth -config .npmrc -force

This usually happens when you've recently changed your password. To fix this problem, I ran this command within VS Code's Powershell terminal (any terminal will work)

vsts-npm-auth -config .npmrc

With doing so, a GUI popped-up where I was able to select the account I wanted to use to authenticate.

When Microsoft updated changed the name of VSTS to Azure DevOps, they also changed many of the URLs. Most of the old ones still redirect, but it looks like you have a mismatch in your .npmrc file above. Change the URI in the first line to match the other lines, so it looks like this:

registry=https://pkgs.dev.azure.com/[org]/_packaging/[feed].Npm/npm/registry

That should unblock you.

As a note, if you have both the registry and your credentials in the same file, and that file is being committed to source control, you are also saving your credentials to source control. Best practice here is to keep .npmrc in your project root that only has that first line, the one that tells npm which registry to connect to. Then, create a new file at ~/.npmrc (if you are using Windows you can use git bash to help put it in the right place) and just add the other two lines, the ones with your credentials. This will keep your creds local to your machine and the file with the registry note can safely be committed.

Also, remember that the credentials you generate from the Azure package registry are good for 90 days at the most, so at some point you will get the unauthorized error message again and you will need to update the credentials in your local ~/.npmrc file.

I just experienced this gotcha with the Azure DevOps portal:

One of my colleagues couldn't connect. It turned out that the Azure DevOps portal inserted the text %40Local after the feed name if you copy the feed URL in the browser as I did when sharing it over MS Teams.

What my portal showed:

; begin auth token
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/registry/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/registry/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/registry/:email=npm requires email to be set but doesn't use the value
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>/npm/:email=npm requires email to be set but doesn't use the value
; end auth token

What his portal showed:

; begin auth token
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/registry/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/registry/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/registry/:email=npm requires email to be set but doesn't use the value
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/:username=xxx
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/:_password=[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]
//pkgs.dev.azure.com/<company>/_packaging/<feed>%40Local/npm/:email=npm requires email to be set but doesn't use the value
; end auth token

That caused a mismatch with the repository URL in the projects .npmrc

To fix it: Make sure the URL is correct and is matching in both user .npmrc and project .npmrc

On my side I needed to delete the file in my user folder folder first.

rm C:\Users\<YourUserName>\.npmrc

After that I was able to run

vsts-npm-auth -config .npmrc

None of the many answers I've seen worked for me. Here's what did work for me:

If you haven't already then run: npm i -g vsts-npm-auth
Open Powershell and run: vsts-npm-auth -config .npmrc -T $HOME/.npmrc

Those 2 commands fixed my case.

I've had the same error message for a slightly different reason and was scratching my head for a long time over it. Just posting here in case it helps anyone else.

vsts-npm-auth for me is outputting the new .npmrc file with its token/credentials into a .npmrc file in an old 'homes' share mapped to W: drive. (still don't know why it's doing that)

whereas npm was looking for those credentials/tokens in c:\users\[username]\.npmrc and finding old stale creds.

my workaround was to copy and paste the creds from w:\.npmrc and paste them over the creds in c:\users\[username]\.npmrc

My issue was caused by the fact that running vsts-npm-auth command wrote the URLs for username and password into my .npmrc file at %USERPROFILE%\.npmrc that were missing the last URL segment /registry. I added the /registry segment to my user .npmrc file and all is well again.

First, make sure that you have installed 'vsts-npm-auth' package. If not run:

npm install -g vsts-npm-auth

Then run vsts-npm-auth -config .npmrc

It will ask you to authenticate/verify your azure devops account.

Then run npm install

I had the same problem authenticating with an Azure DevOps hosted npm feed when trying to run npm install from WSL when I checked my project out to the /home/[username]/src/[projectName] directory.

I tried running vsts-npm-auth -F -config .npmrc from the same directory multiple times and a new token would get generated in Azure DevOps but I would still get the same error when running npm install.

The odd thing was when I checked out the code under WSL to /mnt/c/src/[projectName] authentication would work when running npm install.

I was able to resolve this by manually copying the relevant lines from the .npmrc file in windows at c:\Users\[UserName]\.npmrc to the .npmrc file in WSL at /root/.npmrc.

After I did that, authentication worked when running npm install.

We also encountered this issue when multiple scoped artifact feeds were in use but none of the answers here helped.

Running vsts-npm-auth -config .npmrc worked successfully, but when running npm commands, it would respond with the error mentioned in the OP's question.

We added the following line into our project's .npmrc file:

always-auth=true

After doing this, we re-ran the npm command and successfully authenticated.

follow the steps

1. npm install -g vsts-npm-auth
2. vsts-npm-auth -config ./$filepath/.npmrc you should mention the file path

if the issue still exists then use(it will redirect to a popup there you want to re login with your credentials) 3. vsts-npm-auth -config ./$filepath/.npmrc -r -f -v normal

Go to feeds in artifacts section then click on 'connect to feed' and select npm then you will be able to see this line: "Having issues? See the instructions for using a Personal Access Token to authenticate."

Click on this line then some content(token) will come up, replace your old content of user level .npmrc file with this content and save it. Close and open your editor again. It has worked for me and hopefully it will also work for you.

please try this way

1. Clear your temp files(%temp%)
2. Please check your .npmrc file containing the "always-auth=true"
3. In VS Code, Open terminal and Navigating to your .npmrc file location
4. Execute the command "npx vsts-npm-auth -config .npmrc" then you can receive the below success message

vsts-npm-auth v0.43.0.0

Getting new credentials for source:https:xxxxx.xxx.xxx