Skip to content
Latchkey

Nexus "status code 401" bad credentials on deploy in CI

Nexus rejected the deploy with 401. The credentials Maven/Gradle sent were missing or wrong, or the <server> id in settings.xml did not match the <repository> id used by the deploy.

What this error means

mvn deploy fails with "Failed to deploy artifacts: Could not transfer artifact ... Received status code 401 (Unauthorized)" against the Nexus URL.

Nexus
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:deploy
[ERROR] Could not transfer artifact com.acme:app:jar:1.0.0 from/to nexus
[ERROR] (https://nexus.example.com/repository/maven-releases/):
[ERROR] status code: 401, reason phrase: Unauthorized (401)

Common causes

No credentials supplied for the server id

Maven matches <server><id> in settings.xml to the <repository><id> in the pom. If they differ or the server block is absent, no credentials are sent.

Wrong username or an expired user token

The Nexus user password or NuGet/user token in settings.xml is stale after a rotation, so the request is unauthorized.

How to fix it

Match the server id and inject credentials

  1. Ensure <server><id> equals the repository id used in distributionManagement.
  2. Populate the username/password from CI secrets, not literals.
  3. Re-run the deploy.
settings.xml
<servers>
  <server>
    <id>nexus</id>
    <username>${env.NEXUS_USER}</username>
    <password>${env.NEXUS_PASS}</password>
  </server>
</servers>

Verify the credential against Nexus

Confirm the login works before blaming the pom.

Terminal
curl -u "$NEXUS_USER:$NEXUS_PASS" \
  https://nexus.example.com/service/rest/v1/status

How to prevent it

  • Keep the <server> id aligned with the repository id.
  • Store Nexus credentials in CI secrets and template settings.xml.
  • Use Nexus user tokens so password rotations do not break CI silently.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →