Skip to content
Latchkey

Gradle "remote build cache ... 401" Develocity access key in CI

Gradle authenticated its remote build cache to Develocity with an access key. A 401 means the key is missing or wrong; a 403 means it authenticated but lacks cache write access. The build still runs but every cache read/write is skipped.

What this error means

The build logs "Could not load entry ... from remote build cache" or "response status code: 401" for the remote cache URL, and cached tasks re-execute.

Gradle
Could not load entry 'abc123' from remote build cache:
Loading entry from 'https://develocity.example.com/cache/abc123' response status 401: Unauthorized

Common causes

The Develocity access key is not injected

The DEVELOCITY_ACCESS_KEY (formerly GRADLE_ENTERPRISE_ACCESS_KEY) secret was never exposed to the step, so the cache request is anonymous and gets 401.

The key lacks cache-node permission

A 403 means the key is valid but the principal is not allowed to read or write the cache node.

How to fix it

Inject the Develocity access key

  1. Store the access key as a CI secret.
  2. Expose it to the step as DEVELOCITY_ACCESS_KEY (and GRADLE_ENTERPRISE_ACCESS_KEY for older plugins).
  3. Re-run so the remote cache authenticates.
.github/workflows/ci.yml
env:
  DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
  GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}

Grant cache permission for a 403

A persistent 403 will not retry away. Confirm the access key belongs to a principal permitted to read and write the cache node.

How to prevent it

  • Keep the Develocity access key in a CI secret and inject it per job.
  • Grant the key least-privilege read/write on the cache node.
  • Do not treat a cache 401 as a build failure; fix the key.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →