npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

verdaccio-azure-ad-login

v1.1.1

Published

Let your users authenticate into Verdaccio using Azure AD OAuth

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ihtonihton

Keywords

verdaccio,azure,active,directory,oauth,login

Readme

Verdaccio Auth via Azure Active Directory

Let your users authenticate into Verdaccio via Azure AD OAuth 2.0 API

Install

As simple as running:

$ npm install -g verdaccio-azure-ad-login

Configure

auth:
    azure-ad-login:
        # REQUIRED, Azure application tenant
        tenant: ""
        # REQUIRED, Azure client_id
        client_id: ""
        # REQUIRED, Azure application client_secret
        client_secret: ""
        # OPTIONAL, default email domain for accounts, example: organization.com
        organization_domain: ""
        # OPTIONAL, custom azure scope for users
        # Standard scope: user.read openid profile offline_access
        # Other permissions added here will be added to the end of the standard one
        scope: ""
        # OPTIONAL, users of these groups will be allowed to authenticate
        # This requires the App to have GroupMember.Read.All permission:
        # https://docs.microsoft.com/en-us/graph/api/user-getmembergroups?view=graph-rest-1.0&tabs=http
        allow_groups:
          - "developer"

Logging In

To log in using NPM, run:

    npm adduser --registry  https://your.registry.local

As the username for Azure ActiveDirectory is the email addresses and cannot contain @, replace the @ with two periods ..
Example: usermail..organization.com

The address will be parsed and converted to a normal email address for authentication.

You can specify the organization_domain if most or all of your users use the same email provider or an own mail server. In this case users will be able to log in using its local part (or id) from the mail as username, being able to override the default domain via the .. convention mentioned previously.
Example:

auth:
    azure-ad-login:
        organization_domain: 'organization.com'

User example email: [email protected]
Local part: own_email
The user will be able to log in using own_email as the npm username.

How does it work?

User provides a login/password which he uses to perform auth on Azure ActiveDirectory. Verdaccio will grant access to the user only if he is in at least one of the groups from the "allow_groups" option.

This option provides a way to specify which teams and their roles should be authorized by Verdaccio. If team name is set without roles it would be treated as any role grants a successful sign in for the user. Controversial, if roles are specified within the team, Verdaccio will check if signed user has an appropriate role in the team.

After this it is becomes possible to configure team-based access.

Package Access

By default, all users connected using Azure AD will be a member of azuread group.

packages:
  '**':
    access: $all
    publish: azuread # only Azure AD authenticated members will be allow to publish