npm Token
#
Description#
General- Documentation: https://docs.npmjs.com
- Summary: Npm (Node Package Manager) is a public javascript software registry. Developers can publish and download packages on the platform, organizations may also use npm to manage private packages and development. Npm provides both a CLI and an API to interact with registries. An access token is an alternative to using username and password for authenticating to npm.
- IPs allowlist: A token can be valid only for a given IP address range: this can be specified with the
--cidr
option using the CLI commandnpm token
. - Scopes: Three types of access can be granted to a token when creating it: read-only, automation and publish. Read this documentation for more information.
#
Revoke the secretAccess tokens can be revoked from npm's website or using the CLI. Read this page for more information.
#
Check for suspicious activityThis is not mentioned in the documentation.
Npm token
#
Details for Family: Api
Category: Package registry
Company: npm
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 4.16
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: - ^(cs|x|p|s|r|m)?html5?~?$ banlist_filenames: [] check_binaries: false include_default_banlist_extensions: false ban_markup: false- type: ContentWhitelistPreValidator patterns: - npm - _authtoken
#
Examples- text: +//registry.leaking-repos.com/:_authToken=e0cd4d7d-19fx-4p18-86f2-0bbc5e36g6b1 apikey: e0cd4d7d-19fx-4p18-86f2-0bbc5e36g6b1
- text: +//192.168.88.9:8081/repository/npmlocal/:_authToken=NpmToken.4536684c-d492-39pb-89a8-743a59762bcc apikey: 4536684c-d492-39pb-89a8-743a59762bcc
- text: '"_authToken": "b98ec224-cdb2-4340-b7bd-9617fc719d1d"' apikey: b98ec224-cdb2-4340-b7bd-9617fc719d1d
- text: '-export NPM_TOKEN="007e64c7-635d-4d54-8295-f364cd8e0e0f"' apikey: 007e64c7-635d-4d54-8295-f364cd8e0e0f
Npm token prefixed
#
Details for Family: Api
Category: Package registry
Company: npm
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 3.96
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: - ^(cs|x|p|s|r|m)?html5?~?$ banlist_filenames: [] check_binaries: false include_default_banlist_extensions: false ban_markup: false- type: ContentWhitelistPreValidator patterns: - npm_
#
Examples- text: +//registry.leaking-repos.com/:_authToken=npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d apikey: npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d
- text: +//192.168.88.9:8081/repository/npmlocal/:_authToken=npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d apikey: npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d
- text: '"_authToken": "npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d"' apikey: npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d
- text: '-export NPM_TOKEN="npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d"' apikey: npm_TBljNfh4TLQlHWVhybV4iXrsNj5bMQ9EMh6d