npm Token
#
Description#
General- Documentation: https://docs.npmjs.com
- Summary: Npm (Node Package Manager) is a public javascript software registry. Developers can publish and download packages on the platform, organizations may also use npm to manage private packages and development. Npm provides both a CLI and an API to interact with registries. An access token is an alternative to using username and password for authenticating to npm.
- IPs allowlist: A token can be valid only for a given IP address range: this can be specified with the
--cidr
option using the CLI commandnpm token
. - Scopes: Three types of access can be granted to a token when creating it: read-only, automation and publish. Read this documentation for more information.
#
Revoke the secretAccess tokens can be revoked from npm's website or using the CLI. Read this page for more information.
#
Check for suspicious activityThis is not mentioned in the documentation.
Npm token
#
Details for Family: Api
Category: Package registry
Company: npm
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 4.16
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: - ^(cs|x|p|s|r|m)?html5?~?$ banlist_filenames: [] check_binaries: false include_default_banlist_extensions: false ban_markup: false- type: ContentWhitelistPreValidator patterns: - npm - _authtoken
#
Examples- text: +//registry.leaking-repos.com/:_authToken=e0cd4d7d-19fx-4p18-86f2-0bbf2c36g6a7 apikey: e0cd4d7d-19fx-4p18-86f2-0bbf2c36g6a7
- text: +//192.168.88.9:8081/repository/npmlocal/:_authToken=NpmToken.4536684c-d492-39pb-89a8-494b52767ccc apikey: 4536684c-d492-39pb-89a8-494b52767ccc
- text: '"_authToken": "b98ec224-cdb2-4340-b7bd-9017fc715d1c"' apikey: b98ec224-cdb2-4340-b7bd-9017fc715d1c
- text: '-export NPM_TOKEN="007e64c7-635d-4d54-8295-f360cb8e2e4f"' apikey: 007e64c7-635d-4d54-8295-f360cb8e2e4f
Npm token prefixed
#
Details for Family: Api
Category: Package registry
Company: npm
High recall: False
Validity check available: False
Minimum number of matches: 1
Occurrences found for one million commits: 3.96
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator banlist_extensions: - ^(cs|x|p|s|r|m)?html5?~?$ banlist_filenames: [] check_binaries: false include_default_banlist_extensions: false ban_markup: false- type: ContentWhitelistPreValidator patterns: - npm_
#
Examples- text: +//registry.leaking-repos.com/:_authToken=npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d apikey: npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d
- text: +//192.168.88.9:8081/repository/npmlocal/:_authToken=npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d apikey: npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d
- text: '"_authToken": "npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d"' apikey: npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d
- text: '-export NPM_TOKEN="npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d"' apikey: npm_TCllNwh3WLQlHWVhybM1iQrsTj5rMQ0BOh6d