Once you have scoped a package to your Organization, users with Super Admin or Team Admin roles in your Organization can grant, revoke, and monitor team access to that package.
There are two levels of access you can provide:
npm install
npm publish
To grant access to a team, a Team Admin can type:
> npm access grant <read-only|read-write> <org:team> [<package>]
The grant
command takes 3 arguments, in order:
read-only
or read-write
<org:team>
, e.g. npminc:wombats
package.json
.
For example, to grant read-write access the npm-docs
package to the @npminc
org's wombats
team, a user who:
npm-docs
package...would do the following:
> npm access grant read-write npminc:wombats npm-docs
To revoke team access to a package, a Team Admin can type:
> npm access revoke <org:team> [<package>]
Again, the package
argument is optional if this command is executed in a directory containing a package.json
.
You can check whether you have successfully granted or revoked team access to a package using the npm access ls-packages
and npm access ls-collaborators
command.
npm access ls-packages <org> <user>
npm access ls-packages <org:team>
npm access ls-collaborators <pkg>
© npm, Inc. and Contributors
Licensed under the npm License.
npm is a trademark of npm, Inc.
https://docs.npmjs.com/orgs/package-access