401 Content access is protected by token when accessing repositories


When trying retrieve protected repository content using valid credentials, requests may still fail with an HTTP status code 401 authentication failure. The response HTTP response status line will contain a very specific message:

401 Content access is protected by token


Nexus Repository has a feature called User Tokens. An Administrator may configure this feature to deny all repository requests without a user token style name and passcode credential. This setting is intended to enforce that users do not use plain organization username and passwords so that the risk of exposing those sensitive enterprise credentials is reduced.



Follow the instructions to access your user token and configure your build tool to use the user token name and pass code Nexus Repository provides.


If this feature was accidentally enabled, consider disabling the feature to allow all forms of credentials to be used to authenticate for repository content requests.

To disable requiring user tokens for repository authentication:

  1. Sign-in as a NXRM admin user.
  2. Go to Administration -> Security -> User Token. 
  3. Nexus Repository 3: Uncheck the box that says Require user tokens for repository authentication . 
    Nexus Repository 2: Uncheck the box that says Protect Content . 
  4. Click Save.
Have more questions? Submit a request


Article is closed for comments.