NPM ERR Code E401: Unable to authenticate, need: Bearer authorization

Question

I downloaded a NodeJS application from GitHub and facing the following error when executing npm install.

npm ERR! code E401
npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/c1156c2f-a3bb-4fc4-ac07-3eab96da8d10, Basic realm="https://pkgsprodeus21.pkgs.visualstudio.com/", TFS-Federated

My Node version is 6.13.1 and NPM version is 6.13.4. Following is the content of package.json file:

{
  "name": "DemoApp",
  "version": "1.0.0",
  "description": "A social oasis for lovers of pizza.",
  "repository": "****",
  "main": "index.js",
  "scripts": {
    "start": "node index.js"
  },
  "author": "****",
  "license": "MIT",
  "dependencies": {
    "@hapi/boom": "7.4.2",
    "@hapi/catbox": "10.2.1",
    "@hapi/catbox-redis": "5.0.2",
    "@hapi/cookie": "10.1.0",
    "@hapi/good": "8.2.0",
    "@hapi/good-squeeze": "5.2.0",
    "@hapi/hapi": "18.3.1",
    "@hapi/inert": "5.2.1",
    "@hapi/joi": "15.1.0",
    "@hapi/vision": "5.5.2",
    "aws-sdk": "2.488.0",
    "bcryptjs": "2.4.3",
    "bootflat": "2.0.4",
    "fs-extra": "8.1.0",
    "handlebars": "4.1.2",
    "lodash": "4.17.13",
    "pg": "7.11.0",
    "sequelize": "5.9.4"
  }
}

Any help would be highly appreciated.

Answer 1

Delete old .npmrc file from user home directory and then run the following command

vsts-npm-auth -config .npmrc -T $HOME/.npmrc

Answer 2

In my case, deleting the node_modules directory and the package-lock.json file resolved the issue.

Answer 3

In my case, package-lock.json gets packages from an internal company feed and I was not authenticated to use it, so I needed to get rid of locally cached credentials first and then create the correct authentication file (.npmrc in users folder) for everything to work:

1. Delete .npmrc file from c:\users\alias folder

2. Delete .npmrc file from project folder

3. Run this command to install vsts-npm-auth package:

   npm install -g vsts-npm-auth

4. Add .npmrc file back to project folder

5. Run npx vsts-npm-auth -config .npmrc to refresh the credentials -> this will create .npmrc file in users/alias folder with updated credentials

npm install and other commands works as expected

The reason we do #2 and #4 is that if we try to install packages without deleting this file, it would try to get the package from the internal feed, and fail.

Answer 4

First, delete the .npmrc file in your Users folder. This folder:

C:\Users\[your user name]

Then run this command in your project folder that has an .npmrc file in it:

npx vsts-npm-auth -config .npmrc

Answer 5

This worked for me. I just logged in again in NPM and the problem was solved

npm login

After you write your username and password execute again

npm install

Answer 6

Using a Mac and Azure - it was because my Personal Access Token (PAT) had expired and it didn't let me know.

Open your .npmrc with your auth tokens in.

Go to your Azure repo and click your profile and then personal access tokens.

Create a new token.

Open terminal and run:

node -e "require('readline') .createInterface({input:process.stdin,output:process.stdout,historySize:0}) .question('PAT> ',p => { b64=Buffer.from(p.trim()).toString('base64');console.log(b64);process.exit(); })"

Paste your PAT in and press Enter

Copy the Base64 encoded value into your .npmrc password.

Answer 7

Just run npm run reauthenticateNpmAuth

It'll open an Azure login. Use your Azure DevOps credentials to authenticate

Answer 8

I had the same issue caused by an expired token in the .npmrc file in my project directory. Sadly the error is very unspecific on what causes the auth error.

Answer 9

For me the the problem was in .npmrc file the key password needed to be changed to _password then npm install worked.

Answer 10

If you are trying to install any package from your private repo and you are getting this error with npm i package_name command then

1. remove your package-lock.json from the the directory where to tried to create the package from 
2. reinstall dependencies: npm i 

this will resolve the issue.

Answer 11

I had the same issue, my discovery was as follows:

The application node.js version was 14.0 but the node version in my machine was 16.0. I had to install the node the version 14.0 to resolve the issue.

To manage multiple node versions this tool is highly recommended.

• windows - Nvm for windows

• Linux - Nvm for Linux

Answer 12

If you get E401 with a private npm registry after upgrading to npm v7, remove your package-lock.json and reinstall.

The registry url setting in .npmrc needs to match the http/https protocol in your package-lock.json exactly.

Or as Stuart pointed out: find and replace to update the existing lock file with the correct URL

Answer 13

I had the same error with our company registry configured in .npmrc

registry=https:<compnay-registry-url>

Node version : 16.10.0
NPM version : 7.24.0

Solution:

Execute npm login

$ npm login
npm notice Log in on https:<registry-url>
Username: xxxx
Password:
Email: (this IS public) (xxxx)
Logged in as xxx on https:<registry-url>.

After this .npmrc got updated with

//<registry-url>/:_authToken=xxxxx

Answer 14

Had the same error. In my case, the initial project including package-lock.json file was composed with NodeJS version 12 and npm version 6. But trying to run npm install on my local machine with NodeJS version 16 and npm version 7 was causing this problem.

My solution was installing dependencies with the initial version of NodeJS. I used docker to get the correct version, run this command from the root directory of your project (where the package.json file is located):

docker run --rm -it \
    -w /app \
    -v $PWD/:/app \
    node:12 \
    npm install

If you do not have docker installed, you can try using nvm.

Answer 15

This issue comes from a wrong configuration in your .npmrc file. I had a slightly different error so I'm sharing it here.

In my case the exact error was:

Unable to authenticate, need: Bearer realm="<registry>", Basic realm="<registry>"

My npmrc file should connect to a private npm registry and looked like this:

registry=https://<private-registry>
//<private-registry>:_authToken=<token>
//<private-registry>:always-auth=true

The issue was that I needed to add the https:// protocol also to the second and third line and it worked. In the end it looked like this:

registry=https://<private-registry>
    //https://<private-registry>:_authToken=<token>
    //https://<private-registry>:always-auth=true

Answer 16

Worked for me:

• Delete the yarn.lock/package-lock.json files
• npm install

Answer 17

No need to delete the .npmrc file, the following worked for me

npm logout

Then

vsts-npm-auth -config .npmrc

Answer 18

I solved it running this command:

npm logout/npm login

Answer 19

Use npm install --registry https://registry.npmjs.org instead of npm install

Answer 20

I had this exactly same error and turned out it was an issue with personal access token (PAT). Renew your PAT and run vsts-npm-auth.