diff --git a/lib/publish.js b/lib/publish.js
index 0a4123303e6be..8ef7eff4c8a64 100644
--- a/lib/publish.js
+++ b/lib/publish.js
@@ -43,11 +43,13 @@ const publish = async args => {
     })
   }
 
-  const creds = npm.config.getCredentialsByURI(registry)
-  if (!creds.token && !creds.username) {
-    throw Object.assign(new Error('This command requires you to be logged in.'), {
-      code: 'ENEEDAUTH',
-    })
+  if (!opts.dryRun) {
+    const creds = npm.config.getCredentialsByURI(registry)
+    if (!creds.token && !creds.username) {
+      throw Object.assign(new Error('This command requires you to be logged in.'), {
+        code: 'ENEEDAUTH',
+      })
+    }
   }
 
   if (semver.validRange(defaultTag))
diff --git a/test/lib/publish.js b/test/lib/publish.js
index c1f353f6fdbc5..d4e41605df8c6 100644
--- a/test/lib/publish.js
+++ b/test/lib/publish.js
@@ -193,7 +193,11 @@ t.test('should log tarball contents', (t) => {
         dryRun: true,
         registry: 'https://registry.npmjs.org/',
       },
-      config,
+      config: {
+        ...config,
+        getCredentialsByURI: () => {
+          throw new Error('should not call getCredentialsByURI!')
+        }},
     },
     '../../lib/utils/tar.js': {
       getContents: () => ({