Installing packages from github npm registry - auth error 401

Question

I have just published a private package on GitHub, trying to figure out how it should be working. now I'm trying to install it in another project. I authenticated with npm login --registry=https://npm.pkg.github.com with an access token that has write:packages, read:packages and repo privileges. While trying to run npm install https://npm.pkg.github.com/@orgname/package-name I get an error message:

npm ERR! code E401 npm ERR! Unable to authenticate, need: Basic realm="GitHub Package Registry" 

How can I add/get this privilege?

Answer 1

You need to generate a personal access token on Github and add it to your npm config in addition to setting the registry in the npm config:

• In Github navigate to https://github.com/settings/tokens (Settings > Developer settings > Personal access tokens) and you should see something like this:

• Click Generate new token
• From the permissions select at least read:packages

• Click Generate token and copy the token

• Add the following to your local .npmrc:

  @${OWNER}:registry=https://npm.pkg.github.com //npm.pkg.github.com/:_authToken=${TOKEN} 

See the relevant Github Packages documentation

Related: For Github Actions, be aware of the difference between the GITHUB_TOKEN and a personal access token. The Github Token's permissions are limited to the repository that contains your workflow. For anything else (including granular permissions beyond those allowed for the Github Token) you need a personal access token.

Answer 2

Apparently I'm an idiot who can't read documentation and missed that part:

In the same directory as your package.json file, create or edit an .npmrc file to include a line specifying GitHub Packages URL and the account owner. Replace OWNER with the name of the user or organization account that owns the repository containing your project.

registry=https://npm.pkg.github.com/OWNER