This article describes how to authenticate the NPM client with Artifactory SSO users (like SAML, OAuth users).
There are two ways to authenticate the NPM client:
1). Running the npm login command
2). Using basic authentication.
Here, we will be using the Basic Authentication method to authenticate SSO users. As the SSO users (like SAML) are external users to the Artifactory, their password does not store in the Artifactory. So, running the npm login command is not applicable.
In order to use the basic authentication method, generate the auth token by running the below endpoint with the SSO username and API key. Add the generated block directly into .npmrc. NPM authentication with the SSO user is completed. No need to perform the NPM login command.
“curl -u <USERNAME>:<API_KEY> https://url/artifactory/api/npm/auth/”For example :
curl -u xxx@gmail.com:<API KEY> https://hostname/artifactory/api/npm/auth/
Output : _auth = c2FudG9zaEBnbWFpbC5jXXXXYW5zaE56YUpSd3c2Sm1ITlJDWjN2OFJxalpKWHR4c3FNdG5qSHE3b3BzYUpia3JoUUpEb2pNaw== always-auth = true email = xxx@gmail.com
Please note that there is a limitation with the NPM client when the user has “@” in the username (for example xxx@npm.com), the NPM client will not allow authentication through the “npm login” command. In such cases, you can use the above-mentioned basic authentication method. If the SAML username is not an email address, then you can also use the “npm login” command with username and API Key.