The npm E400 Bad Request error occurs when npm sends a malformed or invalid request to the registry. Common causes include misconfigured registry settings, invalid package.json formatting, or scope mismatches when publishing packages.
An HTTP 400 Bad Request response from the npm registry indicates that npm sent a request the server couldn't process. This typically happens during install or publish operations when the request itself is invalid—either due to malformed JSON in package.json, incorrect registry configuration, wrong scope ownership, or authentication issues. Unlike 401 (unauthorized) or 404 (not found) errors, a 400 error means the server understood your intent but rejected the request format or content. The error can occur in multiple npm operations: installing packages from a registry, publishing new packages, or updating existing packages.
Check your current registry configuration and ensure it's pointing to the official npm registry.
npm config get registry
npm config set registry https://registry.npmjs.org/
npm config get registryIf you intentionally use a private registry, verify the URL is correct and accessible.
Corrupted cache or cached authentication tokens can cause the registry to reject requests.
npm cache clean --force
rm -rf node_modules package-lock.json
npm installThis forces npm to fetch fresh metadata and cache from the registry.
An E400 error when publishing often means your package.json has invalid syntax or fields. Validate the JSON and check critical fields.
cat package.json | jq .
npm lsEnsure your package.json contains:
- Valid JSON syntax (no trailing commas, proper quotes)
- Valid package name (lowercase, no spaces, only hyphens/underscores for separators)
- Valid version (semantic versioning: major.minor.patch)
- If publishing to a scoped registry: scope matches your organization
If you're publishing a scoped package, ensure the scope matches your registry organization.
cat ~/.npmrc
# For Nexus, publish to hosted repo (not group):
npm publish --registry https://your-nexus.com/repository/npm-hosted/For multiple registries in .npmrc:
@myorg:registry=https://private-registry.com/
@otherorg:registry=https://another-registry.com/Network configuration, proxies, or stale authentication can cause requests to be rejected.
npm config set proxy http://proxy.company.com:8080
npm config set https-proxy http://proxy.company.com:8080
npm login
npm config listIf using a VPN, ensure it's active and the registry is accessible.
For Nexus users: E400 errors commonly occur when publishing to a repository group instead of a hosted repository. Groups are read-only proxies—you must publish to the hosted (private) repository directly. Additionally, verify the repository format is set to 'npm', not 'nuget' or another format. For GitHub Packages / GitLab: The E400 error often indicates a scope mismatch. Your package name scope (@org/package) must match the organization or user that owns the repository. Debug mode: Run npm install --verbose to see detailed HTTP requests and responses.
npm ERR! code ENOAUDIT npm ERR! Audit endpoint not supported
How to fix "npm ERR! code ENOAUDIT - Audit endpoint not supported"
npm ERR! code EBADDEVENGINES npm ERR! devEngines.runtime incompatible with current node version
How to fix "npm ERR! code EBADDEVENGINES - devEngines.runtime incompatible with current node version"
npm ERR! code ETOOMANYARGS npm ERR! Too many arguments
How to fix "npm ERR! code ETOOMANYARGS - Too many arguments"
npm ERR! code EINVALIDTAGNAME npm ERR! Invalid tag name: tag names cannot contain spaces
How to fix "npm ERR! code EINVALIDTAGNAME - tag names cannot contain spaces"
npm ERR! code ENOTDIR npm ERR! ENOTDIR: not a directory
How to fix "ENOTDIR: not a directory" in npm