User Authentication
Nexus Repository includes a user management system and integrations with several external authentication sources. Configure the available authentication methods using Security Realms.
User access is managed through roles assigned with specified privileges as explained in the Access Control section.
Authentication Methods
Authentication Methods | Description |
|---|---|
Anonymous Access | Anonymous or unauthenticated access is managed through an anonymous user and role profile. See Anonymous Access |
Local Authentication | While we strongly recommend a centralized authentication provider such as LDAP, SAML, or Crowd, Nexus Repository includes support for managing users through both the user interface and REST API. We recommend configuring access using external identity providers managed by your organization. |
Remote User Token (RUT) Authentication | With Remote User Token (RUT) authentication, a reverse proxy placed in front of Nexus Repository supplies the identification for the user as a header. |
User Tokens | For improved security, enabling user token support allows users to generate a random token pair to use with client tools and avoids storing credentials in local files. See User Tokens |
LDAP | Lightweight Directory Access Protocol (LDAP) allows you to authenticate via external systems providing LDAP support (e.g., Microsoft Exchange/Active Directory, OpenLDAP, ApacheDS, etc.). See LDAP |
SAML | You can configure your instance to work with a SAML Identity Provider for authentication via Single Sign-On (SSO) and to send user groups to it for authorization. Nexus Repository implements the Web Browser SSO Profile from the SAML 2.0 specification. See SAML |
Atlassian Crowd | Atlassian Crowd is a widely used single sign-on and identity management tool |
SCIM Not Supported
Direct System for Cross-domain Identity Management (SCIM) is not currently supported.
User provisioning and deprovisioning data (e.g., user creation, deletion, group membership changes) are not automatically synchronized between your identity provider and Nexus Repository. While SSO handles authentication flow, changes to user identity data within your identity provider are not automatically reflect within Nexus Repository.
Manual user management or custom API integrations are required for comprehensive user lifecycle management.