The ENOTOWNER error occurs when you try to publish, unpublish, or modify an npm package you don't have ownership rights to. Verify your npm account, check the package's owner list, or request ownership from the current maintainer.
This error occurs when you attempt an operation that requires package ownership—like publishing, unpublishing, or adding collaborators—but your npm account isn't listed as an owner of the package. npm packages have explicit ownership. Only users listed as owners can perform certain operations. Collaborators (non-owners) can publish new versions but cannot unpublish, add other owners, or change access settings. The error is a permission check at the npm registry level, not a local file permission issue. It means the registry rejected your request because your account lacks the necessary rights.
List the current package owners:
npm owner ls <package-name>This shows all users with owner permissions. Your username must be in this list for owner-level operations.
Confirm you're logged in as the correct user:
npm whoamiIf it shows a different account than expected:
npm logout
npm loginThen enter the credentials for the account that owns the package.
If you need ownership, ask a current owner to add you:
# Current owner runs:
npm owner add <your-username> <package-name>Only existing owners can add new owners.
For scoped packages (@org/package), verify your organization role:
1. Go to npmjs.com and log in
2. Navigate to your organization settings
3. Check your role (owner, admin, member)
4. Ensure you have publish/manage permissions for the team
Organization admins may need to grant you specific package access.
If you're trying to publish a new package and the name is taken:
{
"name": "@your-username/package-name"
}Using a scoped name under your username or organization avoids conflicts with existing packages.
If you believe you should have ownership (e.g., the package was transferred incorrectly):
1. Go to npmjs.com/support
2. Submit a support request
3. Provide evidence of your claim (prior ownership, transfer agreement, etc.)
npm support can investigate and resolve ownership disputes.
Owner vs Collaborator permissions:
| Action | Owner | Collaborator |
|--------|-------|--------------|
| Publish new versions | ✓ | ✓ |
| Unpublish versions | ✓ | ✗ |
| Add/remove owners | ✓ | ✗ |
| Deprecate package | ✓ | ✗ |
| Change access level | ✓ | ✗ |
For CI/CD publishing:
If your CI pipeline gets ENOTOWNER:
1. Verify the NPM_TOKEN has publish rights
2. Check the token was generated by an account with ownership
3. For organization packages, ensure the token has the correct scope
4. Automation tokens may have different permissions than regular tokens
Two-factor authentication:
If 2FA is enabled on your npm account, owner operations may require an OTP. In CI, use an automation token which bypasses 2FA for publishing.
npm notice access token expired or revoked. Please try logging in again.
Token has expired - npm authentication failure
npm ERR! code EAI_AGAIN
How to fix "EAI_AGAIN" in npm
npm error code E403 npm error 403 Forbidden - PUT https://registry.npmjs.org/<package>
How to fix 'E403 Forbidden' error in npm
npm ERR! code EUSAGE npm ERR! Usage error
How to fix "npm ERR! code EUSAGE" in Node.js projects
npm ERR! code E401 npm ERR! 401 Unauthorized
How to fix "E401 Unauthorized" in npm