The troubleshooting section includes details on error and other messages you may receive using the Amplify CLI, why the message may have occurred, and suggested methods to resolve them.

Error: EACCESS: permission denied, access '/usr/local/lib/node_modules'

When installing the Amplify CLI on macOS or Linux, the global install location may require elevated access permissions.

One solution is to rerun the install using sudo:

sudo npm i -g @axway/amplify-cli

Another option is to change the file owner of the global install location:

sudo chown -R $(whoami) /usr/local/bin /usr/local/lib/node_modules

npm offers two more options: use a node version manager or change npm's default directory. Visit npm's documentation for more details: https://docs.npmjs.com/resolving-eacces-permissions-errors-when-installing-packages-globally.

Secure token store is not available

This issue can occur in Amplify CLI 1.1.0 and earlier on Linux and macOS. It is caused by a failure to install the keytar library needed to securely store your access tokens.

The most likely culprit is a permission issue accessing the npm home directory ~/.npm when compiling keytar. You can try to manually fix the file permissions or re-install the Amplify CLI with unsafe permissions disabled:

npm i -g --unsafe-perm @axway/amplify-cli

Error: Prebuild-install WARN install self signed certificate in certificate chain (code 1)

This issue is caused when the Amplify CLI attempts to install the keytar library and you are using a proxy server that uses a self-signed certificate. By default, Node.js (and npm) error when making an HTTPS request to a server that has a TLS certificate that is signed by an unknown authority. There are two workarounds.

1. Disable secure token storage:

amplify config set auth.tokenStoreType file

or

2. Disable Node.js TLS certificate validation by setting the following environment variable:

# Linux/macOS
export NODE_TLS_REJECT_UNAUTHORIZED=0

# Windows
set NODE_TLS_REJECT_UNAUTHORIZED 0

Error: tunneling socket could not be established, cause=self signed certificate

This occurs when you are using a proxy server with a self-signed SSL certificate. The only way to get around this is to disable Node.js TLS certificate validation by setting the following environment variable:

# Linux/macOS
export NODE_TLS_REJECT_UNAUTHORIZED=0

# Windows
set NODE_TLS_REJECT_UNAUTHORIZED 0

Error: Fetch user info failed: Response code 401 (Unauthorized)

This is caused by a bug and occurs when you think you have a valid access token, but the Amplify Platform has revoked the access token. This is most likely caused by switching your current selected organization.

The workaround is to log out and log back in:

amplify auth logout --all
amplify auth login

Error: Amplify Auth requires "libsecret" which must be manually installed.

The Amplify CLI by default will store your access tokens securely in a file on disk. On Linux, we use a library that requires libsecret. To install it, run:

# Debian/Ubuntu:
sudo apt-get install libsecret-1-dev

# Red Hat-based:
sudo yum install libsecret-devel

# Arch Linux:
sudo pacman -S libsecret

Error: Cannot autolaunch D-Bus without X11 $DISPLAY

This issue occurs on headless Linux machines, Docker containers, and SSH sessions. The problem is the libsecret library has dependencies on X11 display server so that a dialog can prompt the user for their password and unlock the secure token store encryption key.

Unfortunately, headless Linux environments are not supported.

Login hangs

By default, the Amplify CLI authenticates using your web browser. The Amplify CLI will appear to freeze or hang while it waits for the browser to open and for you to sign in. The AMPLIFY CLI does not know if the browser launched successfully and thus it appears it has hung.

Try the following:

  1. Logout by running amplify auth logout --all, then login again.
  2. Restart your terminal to ensure the system paths are untainted and that the AMPLIFY CLI can find your default web browser, then login again.
  3. Disable launching the browser and manually copy and paste the URL into your browser by running amplify auth login --no-launch-browser.

Your web browser must be in the same environment for which the login command was run. You cannot authenticate a remote or headless machine unless you have been issued a signed JWT token or client secret service account by Axway ID.

Error: npm ERR! code ENOENT (code 254)

This error is caused with the AMPLIFY CLI v1 authentication related commands if the keytar dependency for your Node.js version is not installed. The AMPLIFY Auth SDK will automatically download keytar and install it into the ~/.axway/lib/keytar directory. However, some versions of npm (notably npm 7) may not create the destination directory if it doesn't already exist.

Some possible workarounds are: