Skip to main content

Realms

Realms define a Nexus Repository user's authentication source. To manage realms, the user requires the nx-settings privilege. Manage realms under the Administration Security view.

Realms list

  • Nexus Repository requires multiple security realms for identifying users. Do not remove all realms from the Active section as this prevents access to Nexus Repository for all users, including administrators.

  • Activate a security realm by adding it to the Active list in the right-hand column.

  • Prioritize a realm by moving it higher or lower on the list using the up and down arrows available next to each active realm.

    The order in which you have your active realms determines what authentication realm is given priority for granting a user access in the event of a name clash between authentication realms.

  • You must select Save to preserve changes.

Available Realms

The table below provides details about each available security realm in the Nexus Repository.

Realms

Details

Conan Bearer Token Realm

ConanToken

This realm is required for uploading to Conan repositories and produces tokens in response to the conan user command.

See Conan's Documentation

Crowd Realm

Crowd

This realm identifies external configuration in an Atlassian Crowd system.

See Atlassian Crowd Support.

Default Role Realm

DefaultRole

This realm appends a specific role to use by default for all users once they are authenticated.

See Default Role.

Docker Bearer Token Realm

DockerToken

This realm is required to access Docker repositories through a Docker client or other container image manager.

It is also required to allow anonymous pull access to Docker repositories.

See Docker Authentication

LDAP Realm

LdapRealm

This realm identifies external storage in an LDAP identity provider.

See LDAP

Local Authenticating Realm

NexusAuthenticatingRealm

This realm is required to use the built in user management. They allow Nexus Repository to manage authentication without an external identity provider.

Keep the Local Authenticating realm at the top of the active list. In the event of system recovery, restoration is difficult when this realm is lower in order or removed.

npm Bearer Token Realm

NpmToken

This realm permits users with previously generated bearer tokens to publish npm packages. It also allows users to establish the authentication to a repository with the npm adduser (npm login is an equivalent alias) command.

See npm Security

NuGet API-Key Realm

NuGetApiKey

This realm is required for deployments to NuGet repositories.

See NuGet Repositories

Rut Auth Realm

rutauth-realm

This realm allows the use of any external security system that passes the user details through HTTP headers for requests to Nexus Repository.

See Authentication via Remote User Token

SAML Realm

SamlRealm

This realm uses an external Identity Provider (IdP) to handle authentication.

See SAML

User Token Realm

User-Token-Realm

This realm is to enable user tokens as a method for authentication that would normally require passing your username and password in plain text.

See Security Setup with User Tokens