jenkins-control-plugin
jenkins-control-plugin copied to clipboard
MCMicS
How to add API token without credentials
Hi, Jenkins is hosted in my company VPN, I don't need credentials to have access to the pipelines, so I don't have any to login. To get an API Token to place on the plugin setup, I need to login, but since I don't have the credentials I'm not able to do it. How can I solve this issue. Thanks
I can have take a look in new year. You have no authentification in jenkins server configuration right?
Yes, that is correct. I have no way to login my self into Jenkins or access to any other means of configuration. I can had that, Hudson in Netbeans adds all projects automatically in the Services tab, so there is a way to do it without the api token or data crumb.
I can try it it in new year because im on holiday at this time. But i will look to it to use without given credentials
I managed to make the plugin retrieve the data by simply replacing the post method by a simple get method. Unfortunately "Build on Jenkins" command does not work because it requires a post method and then it returns an error related with the Crumb data.
Sorry for the delay: Which Jenkins Version to you use?
Because Jenkins says:
Beginning with Jenkins 2.214 and Jenkins LTS 2.222.1, the "Enable Security" checkbox has been removed. Jenkins own user database is used as the default security realm.
So you also know which security settings is used?
@luis-alves It is not possible to use an authentification provider within jenkins? For security reason it is bette to use authetificated users. API token are currently available for users. There is an open feature to support Token for Jobs (https://issues.jenkins.io/browse/JENKINS-56465)
But for now I suggest to create user in jenkins and use the API Token instead because else you provide a crumb data which is changed often and not recommend more for API calls.
@MCMicS I can't login because I don't have an account. I access Jenkins through a VPN, so the authentication is made in it, and Jenkins is totally opened. The version is Jenkins 2.263.1, and I don't have admin privileges to tell you which settings are currently set.
Hi @luis-alves Can you provide a screenshot from you Jenkins landing page? Is there a logged-in user after you redirected from you VPN and proxy to jenkins?
It is possible to grant me temporary access to the server? Or can you share more details on your setup of proxy and jenkins
I can try to provide a build to test if still needed where I allow anonymous access to API id possible
But I think this will not work. But I investigate it currently. If not possible I close this in favor to use accounts for security reasons.
Hi @luis-alves Jenkins recommend to use Token based for script (see https://www.jenkins.io/doc/book/security/csrf-protection/).
I've not found any solution except following:
- Allow only GET calls to list project. But then some features are missing (disabled) like Build and so on
- Ask for Crumb Issuer for anonymous access and use this
- Usage of ' https://github.com/jenkinsci/build-token-root-plugin' on Jenkins server and try to build with the created access token
In my opionion the secure way is the first. A dedicaterd userr for script access. If this is still not possible then try out the crumb way
Is the given setup still valid in your environment?
Hello
How to configure the Jenkins plugin in IntelliJ IDEA to connect with a local Jenkins server?
what are the params for :
- Servers address
- Jenkins URL
- Username
- API-Token
@doukhahmed Please do not post same questions twice; Answer found at: https://github.com/MCMicS/jenkins-control-plugin/discussions/529