Skip to main content

Connecting IQ Server

The Sonatype IQ Server is the open-source governance and policy management tool used to provide compliance metadata to open-source components stored in the Nexus Repository.


Use the following steps for Nexus Repository 3 Pro:

  1. Log in to the Nexus Repository 3 Pro instance with administrator access

  2. Select the administration cog from the main menu

  3. Select IQ Server from the Administration section of the side menu

  4. Complete the IQ Server setup form

    1. Select the Enable the Use of IQ Server box

    2. Add your IQ Server URL

    3. Select an authentication method

      1. User Authentication: enter the IQ Server username and password

      2. PKI Authentication: delegate to the JVM for authentication

    4. Select Save

  5. Select Verify Connection to test the configuration


We recommend using a service account when connecting Nexus Repository to the IQ Server in production environments. Consider generating user tokens as an added layer of security.

At a minimum, this account requires access to the Evaluate Individual Components permission at the Repository Managers level in IQ Server Org and Policies.

Leave the following configuration options blank unless directed by Sonatype support:

  • Properties, Connection Timeout