Registry mirror shows "authentication required" unless I use sudo

I have Nexus configured with a docker group that contains a single docker proxy of the main docker registry. I have also enabled the Docker Bearer Token Realm and have enabled Anonymous Access for both the proxy and the group. I have also verified the anonymous user has access to the docker repository. The docker group is being served up on http port 8181.

On my local docker config, I have added the URL as a registry_mirror in my /etc/docker/daemon.json file and restarted the docker daemon. If I do a docker info I see the mirror in the output.

My issue comes when trying to pull/build images. If I run docker build -t my-image . or docker pull hello-world, I see the following in my journalctl output: “unauthorized: authentication required” for my registry mirror, and the image is pulled from the main dockerhub. However if I instead run sudo docker build -t my-image . or sudo docker pull hello-world, the image will pull through my nexus cache.

Any insight to making this work from my normal user? Thank you.