Authentication Settings
The settings on this page contain sensitive credentials and are stored in INI-formatted files. Do not commit these files to your repository.
For non-sensitive settings (proxy, SSL, registries, etc.), see Settings (pnpm-workspace.yaml).
Auth file locations
pnpm reads authentication settings from the following files, in order of priority (highest first):
<workspace root>/.npmrc— project-level auth. This file should be listed in.gitignore.<pnpm config>/auth.ini— the primary user-level auth file.pnpm loginwrites tokens here.~/.npmrc— read as a fallback for easier migration from npm. Use thenpmrcAuthFilesetting to point to a different file.
The <pnpm config> directory is:
- If the $XDG_CONFIG_HOME env variable is set: $XDG_CONFIG_HOME/pnpm/
- On Windows: ~/AppData/Local/pnpm/config/
- On macOS: ~/Library/Preferences/pnpm/
- On Linux: ~/.config/pnpm/
Authentication Settings
<URL>:_authToken
지정된 레지스트리에 액세스할 때 사용할 인증 bearer 토큰을 정의합니다. 예시:
//registry.npmjs.org/:_authToken=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
환경 변수를 사용할 수도 있습니다. 예시:
//registry.npmjs.org/:_authToken=${NPM_TOKEN}
<URL>:tokenHelper
토큰 헬퍼는 인증 토큰을 출력하는 실행 파일입니다. 이것은 authToken이 상수 값이 아니라 정기적으로 새로 고쳐지는 상황에서 사용할 수 있습니다. 스크립트나 다른 도구가 기존 리프레시 토큰을 사용하여 새 액세스 토큰을 얻을 수 있습니다.
헬퍼에 대한 경로 구성은 인수가 없는 절대 경로여야 합니다. 보안을 위해 사용자 .npmrc에서만 이 값을 설정할 수 있습니다. 그렇지 않으면 프로젝트가 프로젝트의 로컬 .npmrc 에 값을 배치하고 임의의 실행 파일을 실행할 수 있습니다.
기본 레지스트리에 대한 토큰 헬퍼 설정:
tokenHelper=/home/ivan/token-generator
지정된 레지스트리에 대한 토큰 헬퍼 설정:
//registry.corp.com:tokenHelper=/home/ivan/token-generator
Certificate Settings
ca
- Default: The npm CA certificate
- Type: String, Array or null
레지스트리에 대한 SSL 연결을 위해 신뢰되는 인증 기관 서명 인증서입니다. Values should be in PEM format (AKA "Base-64 encoded X.509 (.CER)"). 예시:
ca="-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----"
Set to null to only allow known registrars, or to a specific CA cert to trust only that specific signing authority.
Multiple CAs can be trusted by specifying an array of certificates:
ca[]="..."
ca[]="..."
See also the strictSsl setting.
cafile
- Default: null
- 유형: path
A path to a file containing one or multiple Certificate Authority signing certificates. Similar to the ca setting, but allows for multiple CAs, as well as for the CA information to be stored in a file instead of being specified via CLI.
<URL>:cafile
Define the path to a Certificate Authority file to use when accessing the specified registry. 예시:
//registry.npmjs.org/:cafile=ca-cert.pem
<URL>:ca
Added in: v10.25.0
Define an inline Certificate Authority certificate for the specified registry. The value must be PEM-encoded, like the global ca setting, but it only applies to the matching registry URL.
//registry.example.com/:ca=-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
cert
- Default: null
- Type: String
A client certificate to pass when accessing the registry. Values should be in PEM format (AKA "Base-64 encoded X.509 (.CER)"). 예시:
cert="-----BEGIN CERTIFICATE-----\nXXXX\nXXXX\n-----END CERTIFICATE-----"
It is not the path to a certificate file.
<URL>:cert
Added in: v10.25.0
Define an inline client certificate to use when accessing the specified registry. 예시:
//registry.example.com/:cert=-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----
<URL>:certfile
Define the path to a certificate file to use when accessing the specified registry. 예시:
//registry.npmjs.org/:certfile=server-cert.pem
key
- Default: null
- Type: String
A client key to pass when accessing the registry. Values should be in PEM format (AKA "Base-64 encoded X.509 (.CER)"). 예시:
key="-----BEGIN PRIVATE KEY-----\nXXXX\nXXXX\n-----END PRIVATE KEY-----"
It is not the path to a key file. Use <URL>:keyfile if you need to reference the file system instead of inlining the key.
This setting contains sensitive information. Don't write it to a local .npmrc file committed to the repository.
<URL>:key
Added in: v10.25.0
Define an inline client key for the specified registry URL.
//registry.example.com/:key=-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----
<URL>:keyfile
Define the path to a client key file to use when accessing the specified registry. 예시:
//registry.npmjs.org/:keyfile=server-key.pem