Skip to content
Latchkey

Azure Pipelines npm "ENEEDAUTH" on an Azure Artifacts feed

npm needs credentials for a private Azure Artifacts feed but the request was anonymous. The project .npmrc points at the feed, but CI never injected a token, so npm reports ENEEDAUTH.

What this error means

npm install fails with npm ERR! code ENEEDAUTH and npm ERR! need auth This command requires you to be logged in to ..., naming the Azure Artifacts registry.

Azure DevOps
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in to
https://pkgs.dev.azure.com/org/_packaging/feed/npm/registry/

Common causes

The feed .npmrc has no token in CI

Local dev uses a cached login, but the CI agent has no credential for the feed, so npm sends an anonymous request and is rejected.

npmAuthenticate did not run before install

The auth task that writes a token into .npmrc was missing, or ran after the install step.

How to fix it

Authenticate the feed before installing

Run the npmAuthenticate task against your project .npmrc so npm gets a token, then install.

azure-pipelines.yml
- task: npmAuthenticate@0
  inputs:
    workingFile: '.npmrc'
- script: npm ci
  displayName: 'Install'

Point .npmrc at the feed registry

Ensure the committed .npmrc registers the Azure Artifacts feed that npmAuthenticate then injects a token for.

.npmrc
registry=https://pkgs.dev.azure.com/org/_packaging/feed/npm/registry/
always-auth=true

How to prevent it

  • Run npmAuthenticate before any npm install against a private feed.
  • Commit an .npmrc that points at the feed with always-auth=true.
  • Never commit tokens; let the auth task inject them at run time.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →