npm-profile

View the npm profile details

$ npm profile get

$ npm profile get [property]

$ npm profile set [property] [value]

$ npm profile set email [email]

$ npm profile set fullname [name]

$ npm profile set password

$ npm profile enable-2fa [auth-only|auth-and-writes]

$ npm profile disable-2fa

npm profile get [username]
npm profile set <field> <value>
npm profile enable-2fa [--otp <otpcode>]
npm profile disable-2fa [--otp <otpcode>]
npm profile set password
npm profile set email <email>

get [username]
    Retrieves profile information for the specified user or the currently logged-in user if username is omitted.

set <field> <value>
    Updates a specific profile field (e.g., email, password) with a new value. Invoking set password or set email without a value will lead to an interactive prompt.

enable-2fa
    Initiates the process to enable two-factor authentication (2FA) for the current account. This typically involves an interactive setup or requires an --otp flag.

disable-2fa
    Disables two-factor authentication (2FA) for the current account. This operation usually requires an --otp or interactive confirmation.

--otp <otpcode>
    A one-time password from an authenticator app, required for certain 2FA-related operations (e.g., enable-2fa, disable-2fa, or when publishing if 2FA is enabled).

The npm profile command allows users to interact with and manage their profile details on the npm registry. This includes viewing profile information, updating details like email and password, and configuring two-factor authentication (2FA). It is a crucial tool for maintaining the security and accuracy of an npm account, directly interfacing with the npm public registry or a private registry.

It centralizes commands for retrieving, setting, and securing user-specific information on the npm registry, providing a comprehensive interface for personalizing and protecting one's presence in the npm ecosystem.

1. Authentication Required: You must be logged in to npm using npm login to use most npm profile commands.
2. Interactive Prompts: Sensitive operations, such as changing your password or managing 2FA, often involve interactive terminal prompts to confirm your identity and securely collect information.
3. Registry-Specific Changes: All modifications made via npm profile directly affect your account on the npm registry (public or private), not your local npm client configuration.
4. Network Connectivity: A stable internet connection is essential for npm profile to communicate with the npm registry.

For critical security-related operations, such as changing your password with npm profile set password or enabling 2FA, npm profile often employs interactive prompts. These prompts ensure that the user is intentionally performing sensitive actions and provide a secure way to input credentials or confirm changes directly in the terminal.

The npm profile command is the authoritative tool for managing Two-Factor Authentication (2FA) on your npm account. Enabling 2FA through enable-2fa adds an essential layer of security, requiring a time-based one-time password (TOTP) for various sensitive actions, including publishing packages and altering profile settings. Disabling 2FA is handled via disable-2fa.

The npm profile command has been an integral part of the npm CLI, evolving alongside the package manager itself. Its capabilities expanded significantly with the increasing focus on user account security within the npm ecosystem. The introduction and integration of two-factor authentication (2FA) support, particularly with the dedicated enable-2fa and disable-2fa subcommands, marked a crucial development, establishing it as the primary interface for managing this critical security feature for npm accounts. Its continuous development reflects the npm community's commitment to providing robust and secure tools for developers.

npm(1), npm login(1), npm whoami(1), npm config(1)