Add a .npmrc to your project, in the same directory as your package.json

; For external packages, i.e. from
; For our css components, to be deprecated
; For our React components, to be deprecated
; For our web components
; For our css components
; For our react components
; Use this if you still use older versions of the packages

Set up credentials


Run vsts-npm-auth in any directory to get an Azure Artifacts token added to your USER (~/.npmrc) .npmrc file

$ npm install -g vsts-npm-auth --registry --always-auth false
$ vsts-npm-auth -config .npmrc

If you're getting errors like: could not find part of path, use the TargetConfig option:

$ vsts-npm-auth -config .npmrc -TargetConfig ~/.npmrc

You don't need to do this every time. npm will give you a 401 Unauthorized error when you need to run it again.

Having issues? See the instructions for using a Personal Access Token to authenticate.


1. Create .npmrc-files

Copy the code below to your USER (~/.npmrc) .npmrc .


2. Create a Personal Access Token

Generate a Personal Access Token with Packaging read & write scopes.

Press "New Token"

Fill out the required information.

3. Base64 the PAT

Base64 encode the personal access token from Step 2.

One safe and secure method of Base64 encoding a string is to:

  1. From a command/shell prompt run:
$ node -e "require('readline') .createInterface({input:process.stdin,output:process.stdout,historySize:0}) .question('PAT> ',p => { b64=Buffer.from(p.trim()).toString('base64');console.log(b64);process.exit(); })"
  1. Paste your personal access token value and press Enter/Return
  2. Copy the Base64 encoded value

Replace all [BASE64_ENCODED_PERSONAL_ACCESS_TOKEN] values in your USER (~/.npmrc) .npmrc file with your personal access token from Step 3.

This will enable you to install @ids-core-scoped packages from our private registry.


We strongly urge you to use environmental variables for usage of the password in your local .npmrc file or any build pipeline npm config!

Azure Devops Pipelines (Windows or Linux agents)

If you want to access ids-core packages in your pipeline, you don't need a PAT if your project is under the if-it organization in Azure Devops.

  1. Make sure your project allows using external resources. Otherwise you will get a 404 error when your pipeline tries to fetch any external packages. Turn these settings off under Project settings (lower left corner in DevOps) -> Pipelines -> Settings -> General:
Project settings "Limit job authorization scope to current project" must be off
  1. Add npmAuthenticate to your pipeline YAML, before any npm commands:
- task: npmAuthenticate@0
  displayName: 'npm authenticate within if-it'
    workingFile: path/to/your/.npmrc      # You can use the version of .npmrc that doesn't contain any PATs
  1. Now any npm commands such as install in your Azure DevOps pipeline are able to use packages from ids-core!

Table of Contents

Edit this section, Opens in new window
Contact us, Opens in new window