I am setting up Nexus 3.29 OSS to be used with Maven repositories. One of the first issue I see is with the plain-text nexus credentials being stored in Maven settings.xml.
Maven supports API tokens instead of passwords, but I am not finding any way in Nexus to generate API token. I do see Nuget API key, but I believe that’s meant for Nuget repos.
Came across an old article written 9 yrs ago on Nexus 2, which says that OSS version does not support generating API token while Pro does. Is that still true that Nexus 3 today does not support API token generation ?
I can still encrypt the password using Maven encrypt password utility, but wanted to confirm if that is the only possible way to avoid plain-text passwords.
Any best practices or recommendations around this ?