Authentication
Nexus Repository integrations with several external authentication sources. Configure the available authentication methods using Realms.
User access is managed through roles assigned privileges as explained in the Access Controls.
See Access Control
Authentication Methods | Description |
|---|---|
External Realms | Nexus Repository Cloud deployments integrate their Identity provider using the my.sonatype.com portal. Nexus Repository self-hosted deployments may manually configure an external realm for authentication. See Realms |
Anonymous Access | Anonymous or unauthenticated access is managed through an anonymous user and role profile. See Anonymous Access |
Local Authentication | We strongly recommend a centralized authentication provider such as LDAP or SSO. Nexus Repository includes support for managing users through both the user interface and REST API. |
User Tokens | For improved security, enabling user token support allows users to generate a random token pair to use with client tools and avoids storing credentials in local files. See User Tokens |
Remote User Token (RUT) Authentication | With Remote User Token (RUT) authentication, a reverse proxy placed in front of Nexus Repository supplies the identification for the user as a header. |
SCIM Not Supported
Direct System for Cross-domain Identity Management (SCIM) is not supported.
User provisioning and deprovisioning data (e.g., user creation, deletion, group membership changes) are not automatically synchronized between your identity provider and Nexus Repository. While SSO handles authentication flow, changes to user identity data within your identity provider are not automatically reflect within Nexus Repository.
Manual user management or custom API integrations are required for comprehensive user lifecycle management.