Auth credentials to private artifactory registry don't work

[markcellus]

Package manager/ecosystem
javascript/npm

For the past few weeks, we've been trying to diagnose why we keep getting these Dependabot couldn't authenticate with XXXX issues. We are not using the github-native version of dependabot due to this being a private registry. The issue seems to be consistent since the beginning of the year and we haven't been able to use Dependabot since. 😞

We've tried going to "Config variables" in dependabot dashboard and removing and reentering the credentials of an artifactory/npm user that we know has rights to read and download packages. However, dependabot is still unable to authenticate.

Here's the link to the logs of the errors we keep getting.

Can anyone help? Thanks!

[markcellus]

After debugging this further, it appears we were getting errors due to the authentication credentials. The Auth token field instructs to use a string formatted as "username:password". But that doesn't work. We had to use the API key as the password. Doing that seems to have fixed it.