Automation
This section guides using the APIs, webhooks, and integrations to automate Nexus Repository functionality.
REST API
Use the REST API to integrate Nexus Repository with external systems. Nexus Repository leverages the OpenAPI Specification (OAS) as its official API documentation. This document is available to download from any instance at the following URL and does not require privileges to access.
<nexus_url>/service/rest/swagger.json
Swagger UI in Nexus Repository
We ship Nexus Repository with Swagger UI - a simple, interactive user interface, where REST calls are processed directly through the UI to observe the results in the browser.
This interface is located under the API section via the System sub-menu of the Settings menu.
The nx-settings-read privilege is required to access this page. This privilege provides access to multiple views in the user interface. There is not a setting to view only the API view at this time.
The API view lists all APIs and their examples, however, only the APIs that the user has permission to utilize are functional.
Beta Endpoints in the Nexus Repository API
APIs under the beta
endpoints are fully supported by Sonatype and are safe to use in production systems. Compatible newer versions may have aliases allowing newer functionality without changing the published endpoint.
Staging API
Staging is a simple but powerful feature in Nexus Repository that lets you move artifacts from one repository to another using API calls from your CI/CD tools. You can use this to build workflows with quality checks so artifacts are not used before they are ready.
Staging has a powerful connection with other features such as Cleanup Policies which help keep your build pipelines lean and light on storage space.
See Staging
Tagging API
Tagging assigns descriptive metadata to components stored in Nexus Repository and makes it possible to organize and track a logical grouping of related artifacts across repositories. Tags facilitate lifecycle management by allowing teams to mark components as they move through development, testing, deployment, and clean-up stages. Tagging improves searching and retrieval of specific components based on custom metadata all through the REST API.
Add custom attributes as JSON data within tags for flexible and detailed annotation of software assets.
See Tagging
Scripting API
Scripts may be written to perform custom tasks that can't be handled directly through the UI or the REST API. Nexus Repository scripts are written in the Groovy programming language.
To make Nexus Repository more secure, the Groovy scripting engine is disabled by default.
See the Script API documentation for details.
Nexus Platform Integrations
Below are official integrations for Nexus Repository. Bring open-source policy management and Sonatype component intelligence to Nexus Repository.
Sonatype IQ Server
The Sonatype IQ Server is an open-source governance and policy management tool that provides compliance metadata to open-source components stored in the Nexus Repository.

Repository Firewall Audit and Quarantine
Repository Firewall is a solution that prevents components with known risks from entering your software supply chain.
When new components are requested from the public ecosystems:
The Repository Firewall automatically compares every component against a set of organization-defined policies.
Components or dependencies that violate your policies are quarantined for review by your security team.
Limiting the risks that your organization can manage.
Component Intelligence
The component info view uses Lifecycle Component Intelligence to display a component's available versions from the public ecosystems and associated risks aligning with your governance policies.
It highlights the available component information for a particular version and displays the specific version numbers at the bottom of the graphic.
Additionally, the view shows details for that version of the component in the right-hand list of properties.
Hosted Repository Analysis
Hosted repository analysis provides a way to analyze your built applications without modifying the build systems.
Using hosted repository analysis, security teams can measure and mitigate risks in an artifact staging workflow before promoting artifacts to production repositories.
Nexus Repository for Maven Plugin
Use the Nexus Repository for Maven plugin for staging packages.
Nexus Platform Plugin for Jenkins
A Jenkins plugin that integrates via Jenkins Pipeline or Project steps with Nexus Repository and Sonatype Lifecycle.