The EAUTHIP error occurs when npm blocks authentication because your IP address is not whitelisted on your account or token. This commonly happens with granular access tokens, enterprise registries, or corporate network restrictions.
The EAUTHIP error ("Error Authentication IP") means npm rejected your authentication request based on IP address restrictions. This can happen in two main scenarios: (1) You have configured IP-based access controls on your granular access token, and your current IP address is not in the whitelist, or (2) Your npm account has IP-based login restrictions enabled, preventing login from your current network. The error commonly surfaces during `npm login`, `npm adduser`, or `npm install` when authenticating to private registries or npm Enterprise accounts. The root cause is a mismatch between your actual IP address and the IP whitelist configured on your token or account.
First, determine what IP address npm is sending to the registry. Visit https://api.ipify.org or https://whatismyipaddress.com to see your public IP.
For corporate networks with proxies, your actual outbound IP may differ. You can also check within Node.js:
node -e "require('http').get('http://api.ipify.org', (res) => { let data = ''; res.on('data', chunk => data += chunk); res.on('end', () => console.log(data)); });"Note the IP address returned—this is what npm is using for authentication.
Log in to https://npmjs.com and navigate to your account settings:
1. Click your profile icon → "Access Tokens"
2. Find the token you're using (or the one in your .npmrc file)
3. Click "Edit" and check the "Allowed IP Ranges" field
If IP ranges are configured, verify that your current IP (from step 1) falls within one of the listed CIDR ranges.
Example valid CIDR notation:
- 203.0.113.0/24 - allows all IPs from 203.0.113.0 to 203.0.113.255
- 10.0.0.0/8 - allows a large corporate IP range
- 203.0.113.42/32 - allows only the single IP 203.0.113.42
If your IP address is not whitelisted, you have two options:
Option A: Add your current IP to the whitelist
1. Go to https://npmjs.com → "Access Tokens"
2. Click "Edit" on your token
3. Click "Add IP Range" in the "Allowed IP Ranges" section
4. Enter your IP in CIDR notation:
- For a single IP: 203.0.113.42/32
- For a range: 203.0.113.0/24
5. Click "Update Token"
Option B: Remove IP restrictions entirely
1. Go to https://npmjs.com → "Access Tokens"
2. Click "Edit" on your token
3. Clear the "Allowed IP Ranges" field
4. Click "Update Token"
After updating, clear npm cache and try again:
npm cache clean --force
npm loginIf you don't have tokens with IP restrictions, your npm account itself may have login IP controls:
1. Go to https://npmjs.com → Account Settings (gear icon)
2. Look for "Security" or "IP Restrictions" section
3. If IP-based access controls are enabled, verify your current IP is whitelisted
If account-level restrictions exist and your IP isn't whitelisted:
- Add your IP to the allowed list
- Contact npm support ([email protected]) if you cannot modify these settings
Note: Regular npm.js accounts typically do not have account-level IP restrictions; this is more common with npm Enterprise or organization accounts.
If previous steps don't resolve the issue, create a test token to isolate whether the problem is truly IP-based:
1. Go to https://npmjs.com → "Create New Token"
2. Choose "Granular Access Token"
3. Set permissions to "Read-only"
4. Leave "Allowed IP Ranges" blank (no restrictions)
5. Click "Create"
6. Copy the new token
Test this unrestricted token:
npm logout
npm config set //registry.npmjs.org/:_authToken=<YOUR_NEW_TEST_TOKEN>
npm installIf this works, the problem is definitely IP restrictions. Re-enable restrictions with your correct IP.
If even the unrestricted token fails with EAUTHIP, the issue may be corporate proxy/firewall modifying requests or your account being locked. Contact [email protected] with the complete error output.
IP Restrictions in CI/CD Environments: GitHub Actions, GitLab CI, and other CI runners use dynamic IP addresses that change frequently, making static IP whitelists impractical. Solutions include: (1) Create a separate CI-specific token without IP restrictions, (2) Use trusted publishing (GitHub Actions) or provider-specific authentication like actions/setup-node@v4 with GitHub token, or (3) Configure your IP whitelist to include your CI provider's entire IP range. Corporate Proxies: If behind a corporate proxy, your outbound IP may differ from your device's local IP. Verify using the ipify check above, not your network settings. NAT and Dynamic IPs: Home networks, cellular data, and VPN connections often have dynamic IPs that change without notice. If you're frequently affected by EAUTHIP on these networks, consider using a less restrictive token.
npm ERR! code ENOAUDIT npm ERR! Audit endpoint not supported
How to fix "npm ERR! code ENOAUDIT - Audit endpoint not supported"
npm ERR! code EBADDEVENGINES npm ERR! devEngines.runtime incompatible with current node version
How to fix "npm ERR! code EBADDEVENGINES - devEngines.runtime incompatible with current node version"
npm ERR! code ETOOMANYARGS npm ERR! Too many arguments
How to fix "npm ERR! code ETOOMANYARGS - Too many arguments"
npm ERR! code EINVALIDTAGNAME npm ERR! Invalid tag name: tag names cannot contain spaces
How to fix "npm ERR! code EINVALIDTAGNAME - tag names cannot contain spaces"
npm ERR! code E400 npm ERR! 400 Bad Request
How to fix "npm ERR! code E400 - 400 Bad Request" error