diff --git a/lib/token.js b/lib/token.js
index cccbba2f9ad75..326f98ec7ef87 100644
--- a/lib/token.js
+++ b/lib/token.js
@@ -1,6 +1,9 @@
 'use strict'
+
 const profile = require('libnpm/profile')
 const npm = require('./npm.js')
+const figgyPudding = require('figgy-pudding')
+const npmConfig = require('./config/figgy-config.js')
 const output = require('./utils/output.js')
 const Table = require('cli-table3')
 const Bluebird = require('bluebird')
@@ -76,22 +79,43 @@ function generateTokenIds (tokens, minLength) {
   return byId
 }
 
+const TokenConfig = figgyPudding({
+  registry: {},
+  otp: {},
+  cidr: {},
+  'read-only': {},
+  json: {},
+  parseable: {}
+})
+
 function config () {
-  const conf = {
-    json: npm.config.get('json'),
-    parseable: npm.config.get('parseable'),
-    registry: npm.config.get('registry'),
-    otp: npm.config.get('otp')
-  }
+  let conf = TokenConfig(npmConfig())
   const creds = npm.config.getCredentialsByURI(conf.registry)
   if (creds.token) {
-    conf.auth = {token: creds.token}
+    conf = conf.concat({
+      auth: { token: creds.token }
+    })
   } else if (creds.username) {
-    conf.auth = {basic: {username: creds.username, password: creds.password}}
+    conf = conf.concat({
+      auth: {
+        basic: {
+          username: creds.username,
+          password: creds.password
+        }
+      }
+    })
   } else if (creds.auth) {
     const auth = Buffer.from(creds.auth, 'base64').toString().split(':', 2)
-    conf.auth = {basic: {username: auth[0], password: auth[1]}}
+    conf = conf.concat({
+      auth: {
+        basic: {
+          username: auth[0],
+          password: auth[1]
+        }
+      }
+    })
   } else {
+    conf = conf.concat({ auth: {} })
     conf.auth = {}
   }
   if (conf.otp) conf.auth.otp = conf.otp
@@ -183,8 +207,8 @@ function rm (args) {
 
 function create (args) {
   const conf = config()
-  const cidr = npm.config.get('cidr')
-  const readonly = npm.config.get('read-only')
+  const cidr = conf.cidr
+  const readonly = conf['read-only']
 
   const validCIDR = validateCIDRList(cidr)
   return readUserInfo.password().then((password) => {
diff --git a/test/tap/unit-token-validate-cidr.js b/test/tap/unit-token-validate-cidr.js
index db963c31f386d..cda91b8f1e0da 100644
--- a/test/tap/unit-token-validate-cidr.js
+++ b/test/tap/unit-token-validate-cidr.js
@@ -1,7 +1,6 @@
 'use strict'
 const test = require('tap').test
-const requireInject = require('require-inject')
-const validateCIDRList = requireInject('../../lib/token.js', {'../../lib/npm.js': {}})._validateCIDRList
+const validateCIDRList = require('../../lib/token.js')._validateCIDRList
 
 test('validateCIDRList', (t) => {
   t.plan(10)