Question about npm publishing with 2FA on

[oatymart]

Hi,
before trying, I would like to know if it's possible to use this action when you have 2FA configured on your npm account?
When I publish manually using npm publish, I'm prompted for my OTP. Will this prevent the action from completing?

[JamesMessinger]

I have 2FA enabled for my NPM account, and this action works great for me. But I think you can also enable a stricter form of 2FA in NPM, where the OTP has to be re-entered every time you publish a package, and I'm not sure whether this action will work in that case.

[oatymart]

Sadly under my npm organisation's current publishing settings, this action fails with:

npm ERR! code EOTP
npm ERR! This operation requires a one-time password from your authenticator.
npm ERR! You can provide a one-time password by passing --otp=<code> to the command you ran.
npm ERR! If you already provided a one-time password then it is likely that you either typoed
npm ERR! it, or it timed out. Please try again.

Since there doesn't seem to be any workaround offered by npm, having 2FA-for-publishing and publishing via an action seems to be, as expected, a no-go.

[yordis]

I think this should be close,

NPM has a token type for integrations such as CI/CD that will bypass 2MFA.