Java Client SDK 3.2


Updated: April 5, 2024

Nuxeo Java Client handles these authentication methods:

  • basic authentication via BasicAuthInterceptor
  • portal SSO authentication via PortalSSOAuthInterceptor
  • token authentication via TokenAuthInterceptor

Basic Authentication

The default authentication method is the basic authentication. Client builder has a convenient method to configure Nuxeo Java Client with a basic authentication:

new NuxeoClient.Builder().authentication("Administrator", "Administrator");

Whose equivalent is:

new NuxeoClient.Builder().authentication(new BasicAuthInterceptor("Administrator", "Administrator"));

Portal SSO Authentication

Once Portal SSO authentication has been activated on your Nuxeo server you can use this method to connect the Java client with:

new NuxeoClient.Builder().authentication(new PortalSSOAuthInterceptor("Administrator", "nuxeo5secretkey"));

Token Authentication

Token authentication is enabled by default on Nuxeo server, to use it in Java client:

new NuxeoClient.Builder().authentication(new TokenAuthInterceptor("nuxeoToken"));

Token obtention is not implemented in java client and should be done by following this documentation.

JWT Authentication

JWT authentication can be enabled on Nuxeo server if you set up a secret with nuxeo.jwt.secret in your nuxeo.conf, to use it in java client:

new NuxeoClient.Builder().authentication(new JWTAuthInterceptor("nuxeoToken"));

There's currently no way to obtain a JWT token through built-in REST API.

Implement Your Own

By design, Nuxeo Java Client leverages OkHttp Interceptor interface to handle authentication between client and server.

This is what expect the method: NuxeoClient.Builder#authentication(Interceptor).

You just need to implement one method which will be responsible to inject the appropriate header:

public class MyAuthInterceptor implements Interceptor {

    protected String token;

    public MyAuthInterceptor(String token) {
        this.token = token;

    public Response intercept(Chain chain) throws IOException {
        Request request = chain.request() // get the request
                               .newBuilder() // create a new builder from it
                               .addHeader("MY-HEADER", token) // add header
                               .build(); // finally build request
        return chain.proceed(request);


Then you can use it:

new NuxeoClient.Builder().authentication(new MyAuthInterceptor("mySuperToken"));


Related sections in this documentation