52

I downloaded a NodeJS application from GitHub and facing the following error when executing npm install.

npm ERR! code E401
npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/c1156c2f-a3bb-4fc4-ac07-3eab96da8d10, Basic realm="https://pkgsprodeus21.pkgs.visualstudio.com/", TFS-Federated

My Node version is 6.13.1 and NPM version is 6.13.4. Following is the content of package.json file:

{
  "name": "DemoApp",
  "version": "1.0.0",
  "description": "A social oasis for lovers of pizza.",
  "repository": "****",
  "main": "index.js",
  "scripts": {
    "start": "node index.js"
  },
  "author": "****",
  "license": "MIT",
  "dependencies": {
    "@hapi/boom": "7.4.2",
    "@hapi/catbox": "10.2.1",
    "@hapi/catbox-redis": "5.0.2",
    "@hapi/cookie": "10.1.0",
    "@hapi/good": "8.2.0",
    "@hapi/good-squeeze": "5.2.0",
    "@hapi/hapi": "18.3.1",
    "@hapi/inert": "5.2.1",
    "@hapi/joi": "15.1.0",
    "@hapi/vision": "5.5.2",
    "aws-sdk": "2.488.0",
    "bcryptjs": "2.4.3",
    "bootflat": "2.0.4",
    "fs-extra": "8.1.0",
    "handlebars": "4.1.2",
    "lodash": "4.17.13",
    "pg": "7.11.0",
    "sequelize": "5.9.4"
  }
}

I have been stuck at this issue since yesterday and still no luck finding the solution. Any help would be highly appreciated.

Kirill Kobelev
  • 9,986
  • 6
  • 27
  • 48
Gaurav Ahuja
  • 625
  • 1
  • 6
  • 10
  • Could you post a link to the github? I supect that one of the dependencies is secured. – Titulum Jan 24 '20 at 10:34
  • you aren't passing the bearer token back it seems check out this :-https://learning.getpostman.com/docs/postman/sending-api-requests/authorization/#bearer-token it is also applicable for react/angular or any other frontend calling apis to backend. – Rishabh Jain Jan 24 '20 at 10:34
  • I just copy-pasted your package.json file to an empty directory and run `npm i` and it installed everything correctly. Could you try to do it in a clean environment? Also, what OS do you use? – Sebastian Kaczmarek Jan 24 '20 at 10:35
  • 1
    Could you run 'npm whoami', if this returns something, try 'npm logout' then try npm i again – Inch High Jan 24 '20 at 10:38
  • @SebastianKaczmarek I am using Windows 10. – Gaurav Ahuja Jan 24 '20 at 11:35
  • @InchHigh 'npm whoami' returns following npm ERR! code ENEEDAUTH npm ERR! need auth This command requires you to be logged in. npm ERR! need auth You need to authorize this machine using `npm adduser` – Gaurav Ahuja Jan 24 '20 at 11:37
  • @SebastianKaczmarek what do you exactly mean by a clean environment.Are you suggesting to uninstall Node & then install again? – Gaurav Ahuja Jan 24 '20 at 11:44
  • @Titulum: Following is the GitHub link: https://github.com/ryanmurakami/pizza-luvrs/issues/10 – Gaurav Ahuja Jan 24 '20 at 11:45
  • @GauravAhuja No, I mean try to install those dependencies on some isolated environment in order to isolate the issue and make sure it is not connected to something specific on your OS – Sebastian Kaczmarek Jan 24 '20 at 12:26
  • I tried to run `npm i --save keycloak-angular` and faced the same issue on Ubuntu 18. I get the following error: `npm ERR! code E401 npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/68f955b9-2bc2-436c-8ccd-adad7ff63380, Basic realm="https://pkgsprodsin1.app.pkgs.visualstudio.com/", TFS-Federated` – dhiraka Jul 13 '20 at 11:45

12 Answers12

59

This is what worked for me.

First, delete the .npmrc file in your Users folder. This folder:

C:\Users\[your user name]

Then run this command in your project folder that has an .npmrc file in it:

npx vsts-npm-auth -config .npmrc
LCIII
  • 2,286
  • 3
  • 21
  • 36
35

Use npm install --registry https://registry.npmjs.org instead of npm install

dhiraka
  • 599
  • 4
  • 11
18

No need to delete the .npmrc file, the following worked for me

npm logout

Then

vsts-npm-auth -config .npmrc
djb
  • 197
  • 2
  • 3
12

If you get E401 with a private npm registry after upgrading to npm v7, remove your package-lock.json and reinstall.

The registry url setting in .npmrc needs to match the http/https protocol in your package-lock.json exactly.

Or as Stuart pointed out: find and replace to update the existing lock file with the correct URL

blub
  • 7,744
  • 4
  • 25
  • 36
4

I had this exactly same error and turned out it was an issue with personal access token (PAT). Renew your PAT and run vsts-npm-auth.

FDuarte
  • 65
  • 1
  • 2
4

Worked for me:

  • Delete the yarn.lock/package-lock.json files
  • npm install
Izhar
  • 53
  • 4
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Oct 23 '21 at 08:32
3

Delete old .npmrc file from user home directory and then run the following command

vsts-npm-auth -config .npmrc -T $HOME/.npmrc

Amir
  • 115
  • 1
  • 6
  • `npx vsts-npm-auth -C .npmrc -T %HOMEDRIVE%%HOMEPATH%\\.npmrc` - if you inherit a project that only supports windows >.> | You may need to `rename %HOMEDRIVE%%HOMEPATH%\\.npmrc %HOMEDRIVE%%HOMEPATH%\\.npmrc.bak` or add -force. In the $HOME/.npmrc, you may need to change //visualstudio to / h t t p s :/ /visualstudio – TamusJRoyce Jan 27 '22 at 05:44
2

This issue comes from a wrong configuration in your .npmrc file. I had a slightly different error so I'm sharing it here.

In my case the exact error was:

Unable to authenticate, need: Bearer realm="<registry>", Basic realm="<registry>"

My npmrc file should connect to a private npm registry and looked like this:

registry=https://<private-registry>
//<private-registry>:_authToken=<token>
//<private-registry>:always-auth=true

The issue was that I needed to add the https:// protocol also to the second and third line and it worked. In the end it looked like this:

registry=https://<private-registry>
    //https://<private-registry>:_authToken=<token>
    //https://<private-registry>:always-auth=true
beckersense
  • 33
  • 7
  • If you have a new question, please ask it by clicking the [Ask Question](https://stackoverflow.com/questions/ask) button. Include a link to this question if it helps provide context. - [From Review](/review/late-answers/30354186) – Bracken Nov 16 '21 at 16:50
1

I solved it running this command:

npm logout/npm login
Virmerson
  • 19
  • 2
0

I had the same error with our company registry configured in .npmrc

registry=https:<compnay-registry-url>

Node version : 16.10.0
NPM version : 7.24.0

Solution:

Execute npm login

$ npm login
npm notice Log in on https:<registry-url>
Username: xxxx
Password:
Email: (this IS public) (xxxx)
Logged in as xxx on https:<registry-url>.

After this .npmrc got updated with

//<registry-url>/:_authToken=xxxxx
Jafar Karuthedath
  • 2,587
  • 23
  • 19
0

I had the same issue, my discovery was as follows:

The application node.js version was 14.0 but the node version in my machine was 16.0. I had to install the node the version 14.0 to resolve the issue.

To manage multiple node versions this tool is highly recommended.

dinith jayabodhi
  • 381
  • 1
  • 6
  • 16
-1

Had the same error. In my case, the initial project including package-lock.json file was composed with NodeJS version 12 and npm version 6. But trying to run npm install on my local machine with NodeJS version 16 and npm version 7 was causing this problem.

My solution was installing dependencies with the initial version of NodeJS. I used docker to get the correct version, run this command from the root directory of your project (where the package.json file is located):

docker run --rm -it \
    -w /app \
    -v $PWD/:/app \
    node:12 \
    npm install

If you do not have docker installed, you can try using nvm.

Alexey Varlamov
  • 131
  • 3
  • 8