Why does "nuget.exe push" to Nexus Repository 2 ask for login credentials?

Visit my.sonatype.com for documentation on Nexus Repository version 2.

If you use a NuGet API key in your "nuget push" command login, credentials (username/password) shouldn't be needed.

Unfortunately, there is a problem with the way NuGet.exe works. It expects anonymous read access to the root of the repository. The reason for this is that it pings the root without credentials to determine if the repository is healthy. If this receives a 401 response then NuGet.exe will prompt for authentication.

By default, Nexus Repository 2 ships with the 'Repo: All Repositories (read)" role assigned to the anonymous user, so "nuget push" with just an API key will work.  But if you've restricted access to the Nexus Repository 2 anonymous user, you may experience the above issue.  To work around this, you need to grant the anonymous user in Nexus Repository 2 access to the root of the nuget repository.  

First go to "view/repositories/repository targets", and create a repository target with:

  • Repository Type: NuGet
  • Pattern Expresson: /

Then create a repository target privilege for your nuget repository under '"security/privileges" using this repository target.

Finally, create a role which contains the "read" privilege you just created and give this to the anonymous user in Nexus.

This will not grant anonymous access to any of the contents of your NuGet repository. It just grants access to read the root ("/").

Have more questions? Submit a request


Article is closed for comments.