Version: 2021.3
Solving network issues
Customizing the shared cache locations

Scoped registry authentication

Some organizations host their own packages on private package registries that require authentication to access. If you are an employee or customer of one of those organizations, you must configure a scoped registry with npm authentication. To set this up, get an npm authentication token and then add that token to your user configuration file.

Fetching the npm authentication token

The process of creating and accessing an npm authentication token is different for each registry provider. For example, JFrog’s Bintray and Artifactory repository managers use a different procedure to generate the authentication token from npm. This is an example of a typical procedure, but you need to follow the process recommended by the specific package registry provider for your scoped registry.

To fetch an authentication token from npm:

  1. Install npm locally on your machine.

  2. From a terminal, enter this command to log into the registry:

    $ npm login --registry <registry url>

  3. Locate and open the generated .npmrc file.

  4. Locate either the _authToken or the _auth entry and copy its value (see the example below).

    Depending on the registry, the token string can be either a GUID, a token, or a proprietary-formatted string.

Examples of .npmrc files

This is an example of an .npmrc file containing an _authToken attribute:


This is an example of an .npmrc file containing an_auth attribute:

_auth=<AUTH TOKEN>

Configuring authentication information

Store your token information for each scoped registry that requires authentication in the .upmconfig.toml user configuration file using the npmAuth configuration schema. Once you save this information to the configuration file, Package Manager will provide your authentication information on every request made to each registry in the file.

Follow these instructions to add your authentication information to the user configuration file:

  1. Locate the .upmconfig.toml user configuration file. If the file does not already exist, create an empty text file.

  2. Format your authentication information using a schema, depending on whether you are using a Bearer (token-based) or Basic (Base64-encrypted) authentication mechanism:

[npmAuth."<REGISTRY URL>"]
email = "<EMAIL>"
alwaysAuth = <BOOLEAN>

This table clarifies how to specify the configuration file values:

Entry: Description:
[npmAuth."<REGISTRY URL>"] Required. URL for the registry. For example, [npmAuth.""].
<TOKEN-PROPERTY> = "<TOKEN-VALUE>" Required. The authentication token generated from the npm registry. This could be either a GUID, a token, or a proprietary-formatted string. For example, this could be either token = "<AUTH TOKEN>" (Bearer) or _auth = "<BASE64 TOKEN>" (Basic).
email Optional. Email address for the user matching the user’s email on the registry.
alwaysAuth Optional. Set to true if the package metadata and tarballs are not located on the same server. Typically, you can copy the value from the .npmrc file you generated.

Example using Bearer authentication

token = "NpmToken.2348c7ea-6f86-3dbe-86b6-f257e86569a8"
alwaysAuth = true

token = "eaJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyZWFsX2dyb3VwcyI6WyJwYXNjYWxsIl0sIm5hbWUiOiJwYXNjYWxsIiwiZ3JvdXBzIjpbInBhc2NhbGwiLCIkYWxsIiwiJGF1dGhlbnRpY2F0ZWQiLCJAYWxsIiwiQGF1dGhlbnRpY2F0ZWQiLCJhbGwiLCJwYXNjYWxsIl0sImlhdCI6MTU3NDY4ODQ5MCwibmJmIjoxNTc0Njg4NDkxLCJleHAiOjE1Nzk4NzI0OTB9.qF8_0ue1ppraWLkReT06AMG6R7RZuDiV2XinxMkdSo0"

token = "aGFzY2FsbDo4ZWIwNTM5NzBjNTI3OTIwYjQ4MDVkYzY2YWEzNmQxOTkyNDYzZjky"
email = ""
alwaysAuth = true
Solving network issues
Customizing the shared cache locations
Copyright © 2020 Unity Technologies
优美缔软件(上海)有限公司 版权所有
"Unity"、Unity 徽标及其他 Unity 商标是 Unity Technologies 或其附属机构在美国及其他地区的商标或注册商标。其他名称或品牌是其各自所有者的商标。