Npm ERR! Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"

I have upgraded Nexus from Sonatype Nexus Repository OSS 3.16.2-01 to Sonatype Nexus RepositoryOSS 3.66.0-02. After the upgrade, while doing the
build using code build (AWS), I am getting below authentication error

The command npm install is giving the authentication error

[Container] 2024/04/05 14:35:35.467385 Running command npm install && npm install -g @angular/cli@“v16-lts”
npm WARN config _auth, _authToken, username and _password must be scoped to a registry. see npm help npmrc for more information.
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient…
npm WARN old lockfile
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: ‘karma@1.7.1’,
npm WARN EBADENGINE required: { node: ‘0.10 || 0.12 || 4 || 5 || 6 || 7 || 8’ },
npm WARN EBADENGINE current: { node: ‘v16.20.1’, npm: ‘8.19.4’ }
npm ERR! code E401
npm ERR! Unable to authenticate, need: BASIC realm=“Sonatype Nexus Repository Manager”

Below contents are in npmrc


We tried to build locally with same configuration and it was successful. but not through code build.
Is there anything changed in the newer version if nexus ? Please help me to resolve this issue.

Hi @km.jithesh and welcome! I put your question in Ask Sona, our Sonatype-trained AI support at, and got this answer. This is a new feature on our Support site and is always available if you have questions (it’s trained on all public-facing customer resources and is always learning, so definitely test before deploying anything!)

The error message you’re seeing, Unable to authenticate, need: BASIC realm=“Sonatype Nexus Repository Manager”, suggests that there might be an issue with the npm client version you’re using.

According to a Sonatype support article, npm client versions 5.0.0 to 5.0.3 have a regression where the old basic authentication method is not supported, which could lead to 401 Unauthorized responses when trying to access a Nexus Repository npm repositories.

If you’re using one of these npm client versions, you could try the following solutions:

  • Upgrade to npm version 5.0.4 or greater

  • Downgrade to an npm version earlier than 5.0.0

  • Run npm login and use npm bearer token realm in Nexus Repository 3

  • Possibly try a client-based manual workaround specifying registry specific auth

If none of these solutions work, or if you’re not using one of the affected npm client versions, it might be worth checking if there have been any changes in the authentication requirements or methods in the newer version of Nexus that you’ve upgraded to. You can refer to the Sonatype Help site or the Compatibility Matrix for the most recent state of upgrade compatibility between different Nexus versions.

I hope this helps give you a place to start!