Skip to searchSkip to content
npm
Nodejs.cn 旗下网站

创建和查看访问令牌

See Details目录

你可以 创建查看 从网站和命令行接口 (CLI) 访问令牌。

¥You can create and view access tokens from the website and command line interface (CLI).

创建访问令牌

¥Creating access tokens

在网站上创建粒度访问令牌

¥Creating granular access tokens on the website

  1. 在页面右上角,单击你的个人资料图片,然后单击访问令牌。

    ¥In the upper right corner of the page, click your profile picture, then click Access Tokens.

    Screenshot of the account menu with the tokens link selected

  2. 点击“生成新令牌”。

    ¥Click Generate New Token.

    Screenshot of the create new token button

  3. 在令牌名称字段中,输入令牌的名称。

    ¥In the Token name field, enter a name for your token.

  4. (可选的)在描述字段中,输入令牌的描述。

    ¥(Optional) In the Description field, enter a description for your token.

  5. (可选的)如果你希望此令牌绕过 2FA 要求进行写入操作,请选中“绕过双重身份验证”复选框。

    ¥(Optional) Check the Bypass two-factor authentication checkbox if you want this token to bypass 2FA requirements for write actions.

    • 此设置默认未选中(false)。

      ¥This setting is unchecked (false) by default

    • 选中此复选框后,即使在账户或软件包级别启用了双重身份验证 (2FA),此令牌也将绕过 2FA 进行写入操作。

      ¥By checking this box, the token will bypass 2FA for write actions even if 2FA is enabled at the account or package level

  6. (可选的)在允许的 IP 范围字段中,输入要限制访问令牌的 IP 地址范围。你必须使用 CIDR 表示法输入 IP 地址范围。要添加多个允许的 IP 范围,请单击添加 IP 范围并在新文本字段中输入 IP 范围。

    ¥(Optional) In the Allowed IP Ranges field, enter IP address ranges to restrict your access token to. You must use CIDR notation to enter IP address ranges. To add more than one allowed IP range, click Add IP Range and enter an IP range in the new text field.

    Screenshot of the allowed IP ranges section

  7. (可选的)在“包和范围”部分中,配置令牌对包和范围的访问权限。

    ¥(Optional) In the Packages and scopes section, configure your token's access to packages and scopes.

    • 在“权限”下拉菜单中,选择“无访问权限”、“只读”或“读写”。

      ¥In the Permissions dropdown menu, select No access, Read-only, or Read and write.

    • 在选择包下,选择:

      ¥Under Select Packages, select either:

      • 所有包授予用户账户有权访问的所有包的令牌访问权限。

        ¥All Packages to grant the token access to all packages the user account has access to.

      • 仅选择包和范围,以选择最多 50 个特定包或范围来授予令牌访问权限。然后从下拉菜单中选择特定的包或范围。

        ¥Only select packages and scopes to choose up to 50 specific packages or scopes to give the token access to. Then select specific packages or scopes from the dropdown menu.

    Screenshot of the packages and scopes section

  8. (可选的)在“组织”部分中,配置令牌对组织的访问权限。

    ¥(Optional) In the Organizations section, configure your token's access to organizations.

    • 在“权限”下拉菜单中,选择“无访问权限”、“只读”或“读写”。

      ¥In the Permissions dropdown menu, select No access, Read-only, or Read and write.

    • 在选择组织下,选择你想要授予令牌访问权限的组织。

      ¥Under Select organizations, select the organizations you want to grant your token access to.

    Screenshot of the organizations section

    注意:当你向组织授予令牌访问权限时,该令牌只能用于管理组织设置以及与该组织关联的团队或用户。它不赋予令牌发布由组织管理的包的权利。

    ¥Note: When you give a token access to an organization, the token can only be used for managing organization settings and teams or users associated with the organization. It does not give the token the right to publish packages managed by the organization.

  9. 在“过期时间”字段中,从下拉菜单中选择令牌过期期限。你可以从预定义选项中选择,也可以选择“自定义”并使用日期选择器指定自定义过期日期。

    ¥In the Expiration field, select a token expiration period from the dropdown menu. You can choose from predefined options or select Custom to specify a custom expiration date using the date picker.

    注意:该日期必须是未来至少 1 天。

    ¥Note: The date must be at least 1 day in the future.

  10. 查看令牌摘要,然后单击生成令牌。

    ¥Review the token summary, then click Generate Token.

Screenshot of the granular access token summary and the generate token button

  1. 从页面顶部复制令牌。

    ¥Copy the token from the top of page.

使用 CLI 创建令牌

¥Creating tokens with the CLI

注意:目前你无法通过 CLI 创建细粒度访问令牌。你必须使用该网站来生成这些类型的令牌。未来将添加通过 npm token CLI 命令创建细粒度访问令牌的支持。欲了解更多信息,请参阅“在网站上创建粒度访问令牌”。

¥Note: You cannot create granular access tokens from the CLI currently. You must use the website to generate these types of tokens. Support for creating granular access tokens via npm token CLI command will be added in the future. For more information, see "Creating granular access tokens on the website."

查看访问令牌

¥Viewing access tokens

注意:永远不会显示完整的标记,只会显示第一个和最后四个字符。你只能在创建后立即查看完整的令牌。

¥Note: Full tokens are never displayed, only the first and last four characters will be shown. You can only view a full token immediately after creation.

在网站上查看令牌

¥Viewing tokens on the website

要查看与你的账户关联的所有令牌,请在页面右上角单击你的个人资料图片,然后单击访问令牌。

¥To view all tokens associated with your account, in the upper right corner of the page, click your profile picture, then click Access Tokens.

Screenshot of the account menu with the tokens link selected

在 CLI 上查看令牌

¥Viewing tokens on the CLI

要查看与你的账户关联的所有令牌,请在命令行上运行以下命令:

¥To view all tokens associated with your account, on the command line, run the following command:

npm token list

令牌属性

¥Token attributes

  • id:使用令牌 ID 来引用命令中的令牌。

    ¥id: Use the token ID to refer to the token in commands.

  • 令牌:实际令牌的第一个数字。

    ¥token: The first digits of the actual token.

  • 创建时间:创建令牌的日期。

    ¥created: Date the token was created.

  • 网段白名单:限制 IP 地址使用令牌。

    ¥CIDR whitelist: Restricts token use by IP address.

npm v11.7 中文网 - 粤ICP备13048890号

目录