Artifactory Maven "401 Unauthorized" (settings.xml) in CI
Maven could not authenticate to the Artifactory repository. The <server> id in settings.xml does not match the repository id, or the username/token is missing or stale.
What this error means
A mvn deploy or mvn install against Artifactory fails with "Failed to deploy artifacts: Could not transfer artifact ... status code: 401" or "Not authorized".
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:deploy:
Failed to deploy artifacts: Could not transfer artifact com.acme:app:jar:1.0.0 from/to
central (https://acme.jfrog.io/artifactory/libs-release): status code: 401, reason phrase: UnauthorizedCommon causes
settings.xml server id does not match the repo id
Maven matches <server><id> to the repository or distributionManagement id. A mismatch means no credentials are sent and the request is anonymous.
Missing or expired token in settings.xml
The <server> block has no password/token, or it holds an expired one, so the deploy returns 401.
How to fix it
Let jf configure Maven repositories
- Configure resolve and deploy repos for the jf CLI.
- Run Maven through jf so it injects credentials from JF_ACCESS_TOKEN.
- Keep the server id consistent between settings.xml and the repo config.
jf mvn-config --repo-resolve-releases libs-release --repo-deploy-releases libs-release-local
jf mvn clean deployMatch the server id and inject the token
If configuring Maven directly, set a <server> whose id equals the repository id and source the token from an env var.
<server>
<id>libs-release-local</id>
<username>${env.JF_USER}</username>
<password>${env.JF_ACCESS_TOKEN}</password>
</server>How to prevent it
- Keep
<server>ids aligned with repository/distributionManagement ids. - Source Maven credentials from env vars, not committed settings.
- Prefer
jf mvn-configso the CLI manages Artifactory auth.