Sonatype Nexus License FAQ

This article is provided for informational purposes and is not intended as a legal document.
Your legal agreement with Sonatype has precedence.
If you have additional questions please send an email to sales@sonatype.com.

Q. What is the Sonatype Nexus server product license model?

A. Nexus server products are licensed by aggregate user count per product and organization, not concurrent users or the number of server instances.


Q. What defines a licensed product "user"?

A. "User" means each individual (including all employees, Contractors, and subcontractors of Company, Company’s Affiliates and Contractors) who: (A) produces, consumes, or evaluates one or more software artifacts that is/are stored in or scanned, analyzed or otherwise evaluated by the Product, and/or (B) evaluates or in any way uses any Reports generated by the Products.

Example: Given a licensed organization has project team A and B. When there are 20 developers on team A, 20 developers on team B and 10 more Developers that work on both teams, a minimum product license for 50 users is required.

Analogous terms you may see for "User" are "Licensed Users", "Licensed Developers", "Contributing Developer". 

Consult your specific legal agreement with Sonatype if in doubt or send an email to sales@sonatype.com .


Q. Where is the public end user license agreement for Sonatype products?

A. Sonatype End User License Agreement is at https://www.sonatype.com/usage/master-eula.


Q. I want to set up a test Nexus instance. Do the number of licensed users apply to this test instance.

A. Yes.


Q. Does a user token for the same physical user as a username identifier equate to a single licensed user?

A. Yes. We treat these as multiple ids for the same licensed user.


Q. Does anonymous access to Nexus count as one user, or as many users that may be accessing Nexus anonymously?

A. If you are exposing your Nexus instances publicly (outside your organization), then the anonymous access originating from the public counts as one user. If the anonymous access is within your organization, then each individual user as defined by the license agreement applies, despite the access not requiring a login.


Q. How can I verify if I am in compliance with the number of licensed users?

A. There is no one size fits all way to count users due to the often complex network setups at many organizations.

If a server product is connected to an external user directory ( LDAP, SAML, etc. ) then tools designed specifically for that external tool could be used to count users who have access to Sonatype server products.

Another approach is to examine Sonatype server product request.log files. The IP address and user ID associated with each inbound request will be in columns 1 and 3 respectively. Anonymous users are represented by a dash "-" in the user id column. A user-agent header value may also be present. 

In Nexus Repository Manager versions before 3.17.0, you can access the "System -> Licensing -> Recent Connections" UI. You will then have access to a report of all the unique IP addresses accessing nexus within the last 7 days. This information is intended as an approximation tool only and should not be the only method you use to determine license compliance.

As of Nexus Repository Manager 3.17.0, the Recent Connections feature was removed (link only accessible by registered support contacts ) primarily for performance reasons and lack of accuracy across unique installations.

In Nexus Repository Manager 2, a similar ability exists to roughly approximate access by unique users in the last 7 days under Administration -> Licensing -> Active Users Report . This information is intended as an approximation tool only and should not be the only method you use to determine license compliance.

 

Have more questions? Submit a request

5 Comments

  • 0
    Avatar
    Praveen Singh

    If I'm executing three different Jenkins Jobs on a single slave machine with all three jobs dependent on Nexus, will that count as three licenses or one license?

  • 0
    Avatar
    Rich Seddon

    Automated use of Nexus does not directly count as a license use.  The intent of the user count in the license agreement is to count the number of people in your organization who are relying on Nexus to do their jobs.  People who rely on the output of the Jenkins builds which are using Nexus do count.

  • 0
    Avatar
    kishore

    Hi Rich,

    Hi

    i have question on nexus concurrent licence,  Assuming that we have  got 100 concurrent licences for example . Which means at any given time only 100 users can access a particular nexus instance(am i right in saying that) and what happens if  101 user try to access . assuming that you can have mutilple instances with same licence, the 100 user limit is per instance or across all instances.

    Thanks Kishore

  • 0
    Avatar
    Rich Seddon

    Licensing is across all instances, our aim is to count the number of people who use Nexus Professional on a regular basis to do their jobs.

  • 0
    Avatar
    kishore

    Thank you and those are concurrent users right. Assuming that we have  got 100 concurrent licences for example . Which means at any given time only 100 users can access a particular nexus instance(am i right in saying that) and what happens if 101 user try to access.

Article is closed for comments.