How to Use Private npm Modules with CircleCI


To install a private npm module as a dependency, some form of authentication needs to be done. There’s two ways to do this:

  • Using npm login. This is the most common way, but needs a fancy command to get it working in a CI environment. You can find instructions for this here.
  • Using npm tokens. Newer versions of npm support tokens. The official npm docs covers tokens here. The summary version is that when npm login is used on your local machine, a token is generated and saved in the corresponding .npmrc for that module/project. If you go this route, you’ll want to find that token in the file (format is 00000000-0000-0000-0000-000000000000) and set it as the environment variable (envar) NPM_TOKEN. See private environment variables for more information. Then replace the token in .npmrc with the envar.

Alternate Registries

By default, using npm login will use npm’s official module registry If the private modules happens to be on a third-party registry, maybe your own, you can add --registry= to the command. Here’s an example:

    - echo -e "$NPM_USER\n$NPM_PASS\n$NPM_EMAIL" | npm login --registry=

Note: The example above is if you went with the first method of authenticating above.

Not Using a Registry At All

If you don’t want to login to a remote registry to download private modules, npm install gives you other options.

  • Local directory. If you can get the module via other means (maybe a script), then you can run npm install . if you are in the directory or npm install path/to/module for elsewhere in the file system.
  • Git. You can always rely on a Git repository like this npm install git://