Sonatype Nexus Missing Api Key

Question

I use Sonatype Nexus tool for managing my Nuget packages in my company. There are test and production environments.

I pushed the packages via "nuget.exe push -package -apikey" command. Api key is not changed in test environment. It worked entirely right. I pushed all my packages.

I had some problems in production environment. I pushed a package at first, then it asked username and password when i want to push my other packages. I get a new api key on Sonatype Nexus interface again. I push a package, then it asks username password again for 2nd trial and others.

So, i have to get a new api key everytime after 1st trial for pushing or deleting my Nuget packages to Sonatype Nexus tool.

Could you help me? Thank you

Answer 1

Assuming you're using Sonatype Nexus v3 I had similar issues, to resolve check the NuGet authentication is enabled and that the user has appropriate permissions.

Enable NuGet authentication (section 8.7.1. Accessing your NuGet API Key here), roughly as follows:
* Log in as admin
* Under "Administration" (the gear up the top) -> Security -> Realms
* Make sure "NuGet API-Key Realm" is in the "Active" box

Additionally check that your user has the correct permissions, particularly I've found the following work:
* nx-apikey-all
* nx-repository-view-*-*-*

This will allow the user to view, update, publish, delete all repositories on this Nexus server. I recommend a more granular approach once you get it working, for e.g. add the repository-view* permissions but not nx-repository-view-*-*-delete to avoid your CI being able to delete packages.

Answer 2

In addition to the previous answer. If you have a simple scenario where admin is the only user and you publish with API key that is connected to admin account you will get the same result 410 Unauthorized.

To fix this I have created another role with permissions from the answer above and add admin user to this group explicitly in addition to nx-admin.