Skip to content
Latchkey

RabbitMQ "ACCESS_REFUSED - Login was refused" in CI

RabbitMQ rejected the login with "ACCESS_REFUSED". The credentials or virtual host do not match, or you tried the default guest user from a non-local connection, which RabbitMQ blocks by default.

What this error means

The client fails with "ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.".

Terminal
ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN.
For details see the broker logfile.

Common causes

The guest user cannot log in remotely

RabbitMQ restricts the default guest/guest account to localhost connections. From another container it is refused.

Wrong credentials or virtual host

The username, password, or vhost in the connection URL does not match what the container was configured with.

How to fix it

Create a dedicated user via env

Set RABBITMQ_DEFAULT_USER/RABBITMQ_DEFAULT_PASS so a non-guest user exists and can connect from any host.

.github/workflows/ci.yml
services:
  rabbitmq:
    image: rabbitmq:3.13
    env:
      RABBITMQ_DEFAULT_USER: app
      RABBITMQ_DEFAULT_PASS: app_pw
    ports: ['5672:5672']
env:
  AMQP_URL: amqp://app:app_pw@localhost:5672/

Match the virtual host in the URL

Ensure the vhost segment of the AMQP URL matches an existing vhost (default is "/").

Terminal
AMQP_URL=amqp://app:app_pw@localhost:5672/%2F

How to prevent it

  • Create a dedicated user instead of relying on guest across containers.
  • Keep the AMQP credentials and the container env in sync.
  • URL-encode the default vhost "/" as %2F when it appears in the URL.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →