Azure Devops NPM Auth

The ado-npm-auth package can automatically use the azureauth CLI to fetch tokens and update a user's .npmrc file for authenticating to ADO package feeds.

You'll first need an .npmrc in your project such as...

``text registry=https://pkgs.dev.azure.com/org/project/_packaging/feedname/npm/registry/`

You can run the binary "ado-npm-auth" via yarn ado-npm-auth or npm exec ado-npm-auth.

It will then shell out to the azureauth package on npm, retrieve a token, and update your ~/.npmrc.

`ado-npm-auth vs vsts-npm-auth`

The main difference between the two is how they function, and where they can run. The vsts-npm-auth tool is Windows only, and uses MSAL authentication.

ado-npm-auth uses the node-azureauth library, to wrap the azureauth-cli, which itself is a cross platform MSAL wrapper.

!screenshot of tool running

Since the azureauth-cli is cross-platform, ado-npm-auth will also run cross-platform as well!

One of the easiest ways to use the tool is to add it to your "preinstall" script in your repo like this...

`json "scripts": { "preinstall": "npm exec ado-npm-auth" },`

It will then perform a quick "pre-flight" check to assess if the token is valid, and generate a new one if it has expired.

!screenshot of tool running via preinstall

`$3`

You may need to set the registry to the public NPM feed when running npm exec or npx.

There are 2 options to address this case:

`$3`


You can hop one directory up, or run it from an arbitrary path and pass the configuration.

cmd
pushd ..
npx ado-npm-auth -c \.npmrc
popd


$3

If that's the case, set the environment variable

npm_config_registry=https://registry.npmjs.org.

That will ensure that npx or npm exec grabs from the public NPM feed, bypassing the soon-to-be authenticated ADO feed.

`json "scripts": { "preinstall": "npm_config_registry=https://registry.npmjs.org npm exec ado-npm-auth" },``

Azure Devops NPM Auth

The ado-npm-auth package can automatically use the azureauth CLI to fetch tokens and update a user's .npmrc file for authenticating to ADO package feeds.

You'll first need an .npmrc in your project such as...

``text registry=https://pkgs.dev.azure.com/org/project/_packaging/feedname/npm/registry/`

You can run the binary "ado-npm-auth" via yarn ado-npm-auth or npm exec ado-npm-auth.

It will then shell out to the azureauth package on npm, retrieve a token, and update your ~/.npmrc.

`ado-npm-auth vs vsts-npm-auth`

The main difference between the two is how they function, and where they can run. The vsts-npm-auth tool is Windows only, and uses MSAL authentication.

ado-npm-auth uses the node-azureauth library, to wrap the azureauth-cli, which itself is a cross platform MSAL wrapper.

!screenshot of tool running

Since the azureauth-cli is cross-platform, ado-npm-auth will also run cross-platform as well!

One of the easiest ways to use the tool is to add it to your "preinstall" script in your repo like this...

`json "scripts": { "preinstall": "npm exec ado-npm-auth" },`

It will then perform a quick "pre-flight" check to assess if the token is valid, and generate a new one if it has expired.

!screenshot of tool running via preinstall

`$3`

You may need to set the registry to the public NPM feed when running npm exec or npx.

There are 2 options to address this case:

`$3`


You can hop one directory up, or run it from an arbitrary path and pass the configuration.

cmd
pushd ..
npx ado-npm-auth -c \.npmrc
popd


$3

If that's the case, set the environment variable

npm_config_registry=https://registry.npmjs.org.

That will ensure that npx or npm exec grabs from the public NPM feed, bypassing the soon-to-be authenticated ADO feed.

`json "scripts": { "preinstall": "npm_config_registry=https://registry.npmjs.org npm exec ado-npm-auth" },``