How to restrict repos for anonymous users

we are using nexus repo for a long time, and in our case users can browse the repository without logging in

how can we restrict this?

we wanted to browse only after login, if I disable this option “Allow anonymous users to access the server” then our builds are failing because it needs authentication so I wanted to restrict only on the browser end, please advise how can do that?

There is a “browse” permission separate from the “read” permission for repositories. I’d recommend creating a new user and role that contains only the permissions you want your anonymous user to have and then change the anonymous user in the settings. Keep in mind that blocking the browse functionality doesn’t necessarily mean that someone can’t figure out what your repository contains. In maven for example, there are metadata.xml files that could still be used to determine everything in the repositories.

If you have a PRO license, another option would be to disable anonymous user access, but create a user for CI to use and setup user tokens.