> ## Documentation Index
> Fetch the complete documentation index at: https://docs.endorlabs.com/llms.txt
> Use this file to discover all available pages before exploring further.
## Submitting Feedback
If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback:
POST https://docs.endorlabs.com/feedback
```json
{
"path": "/integrations/package-managers/npm-private-package-manager/index",
"feedback": "Description of the issue"
}
```
Only submit feedback when you have something specific and actionable to report.
# Private package manager integration for npm
> Learn how to configure Endor Labs to access private npm repositories for dependency resolution and security scanning.
Configure Endor Labs to integrate with private npm repositories to access proprietary dependencies during security scanning and analysis. When your JavaScript or Node.js projects depend on packages in private or corporate repositories, Endor Labs needs authentication credentials. These credentials let Endor Labs resolve dependencies and generate a complete bill of materials.
This integration enables Endor Labs to:
* Access private npm packages during dependency resolution
* Generate comprehensive security analysis including private dependencies
* Maintain complete visibility into your software supply chain
Endor Labs integrates with your self-hosted package repositories and source control systems to give you visibility into your environment. Package manager integrations let you simplify scanning using custom repositories.
Endor Labs generally respects package authentication and configuration settings and a package manager integration is usually not required to scan private packages successfully.
* Use package manager integrations to simplify scanning when authentication to private repositories is not part of standard manifest or settings files.
* Package manager integrations allow you to set custom repositories for each package ecosystem and the priority of each repository for scanning.
To set up a package manager integration:
1. Sign in to Endor Labs and select **Integrations** from the left sidebar.
2. Click **Add** next to the package manager configuration you want to add.
3. Click **Add Package Manager**.
4. Enter the name of the package manager.
5. Select either **Basic** or **AWS Code Artifactory** as **Authentication Type**.
See [AWS authentication](/integrations/package-managers/aws-codeartifact) for more information.
### Authenticate to npm private package repositories
To connect to private repositories of npm enter the package manager URL and the package registry credentials such as username and password.
### Test package manager integration
You can test the connection to a configured package manager to verify that Endor Labs can reach the repository. To test the connection:
1. Select **Integrations** from the left sidebar.
2. Click **Manage** in the package manager configuration you want to customize.
3. Click the vertical three dots of the package manager configured and select **Test Connection**.
The integration does not perform authentication or authorization checks on the package manager repository.
### Edit package manager integration
You can edit an existing package manager integration to update the name, repository URL, or authentication credentials. To edit a package manager integration:
1. Select **Integrations** from the left sidebar.
2. Click **Manage** next to the package manager you want to edit.
3. Click the vertical three dots on the configured integration you want to edit and select **Edit**.
4. You can modify the name, package manager URL, and credentials.
5. Click **Save Changes**.
## Package manager integration for npm using API
Use endorctl to create a package manager resource for your private npm registry and authenticate using one of the following tokens:
* Base64-encoded username and password
* Basic authentication token
You can configure multiple npm package managers only if each configuration has its own scope.
### Base64-encoded authentication token
1. Generate base64 token
To generate the base64 encoded username and password, run the following command. Copy the token generated and store it in a secure place.
```shell theme={null}
echo -n 'username:plain_password' | openssl base64
```
2. Create package manager resource
Run the following command to create a package manager resource and authenticate to npm registry using base64 token without scope.
Replace:
* `base64 token` with the generated base64 encoded username and password in the previous step.
* `namespace` with your namespace.
```shell theme={null}
endorctl api create -r PackageManager -n -d '
{
"meta": {
"name": "test npm with base64",
"description": "test npm with base 64 token without scope"
},
"spec": {
"npm": {
"priority": 1,
"url": "package manager url"
"token": "base64 token"
}
},
"propagate": true
} '
```
### Basic authentication token
Run the following command to create a package manager resource and authenticate to npm registry using basic authentication token with scope.
Replace:
* `xxx` with your authentication token.
* `namespace` with your namespace.
* `@scope` with your scope. For example, `"scope":"@abc-corp"`.
```shell expandable theme={null}
endorctl api create -r PackageManager -n -d '
{
"meta": {
"name": "test npm with auth token",
"description": "test npm with auth token with scope"
},
"spec": {
"npm": {
"priority": 1,
"scope": "@scope",
"url": "package manager url",
"auth_token": "xxxx"
}
},
"propagate": true
} '
```
### Fetch package manager using API
Run the following command to fetch the package manager using the UUID.
```bash theme={null}
endorctl api get -r packageManager -n --uuid
```
### Delete package manager using API
Run the following command to delete the package manager using the UUID.
```bash theme={null}
endorctl api delete -r packageManager -n --uuid
```