
Jenkins API token

Description

General

  • Documentation: https://www.jenkins.io/blog/2018/07/02/new-api-token-system/

  • Summary: Jenkins is an open-source automation server widely used for continuous integration (CI) and continuous delivery (CD) in software development. Since version 2.129, Jenkins offers a new API token system that allows any user to authenticate programmatically on an instance without providing their password.

  • IPs allowlist: This feature is not available

  • Scopes: Credentials' scopes are those of the user they belong to.

Revoke the secret

Tokens can be revoked from the Jenkins UI. Each user can revoke their own tokens. Administrators can also revoke the API tokens of any user in the user modification view.

Check for suspicious activity

Jenkins offers few logging capabilities regarding user access and key usage.

Details for Jenkins API token

  • Family: Api

  • Category: CI/CD

  • Company: Jenkins

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 0.25

  • Prefixed: False

  • PreValidators:

    - type: ContentWhitelistPreValidator
      patterns:
        - jenkins
    - type: ContentWhitelistPreValidator
      patterns:
        - user

Examples

- text: |
    JENKINS_URL=http://localhost:8080/
    JENKINS_USER=prod_admin
    JENKINS_TOKEN=118c8ee3a5d6df59dc31b19c8e85878a26
  token: 118c8ee3a5d6df59dc31b19c8e85878a26
  username: prod_admin
- text: |
    // String username="prod.admin@example.com";
    // String password="118c8ee3a5d6df59dc31b19c8e85878a26";
    // String jenkinsUrl = "http://localhost:8080";
  token: 118c8ee3a5d6df59dc31b19c8e85878a26
  username: prod.admin@example.com
- text: |
    obj1 = Credentials(jenkins_url="http://3.89.107.140:8080/manage/", \
    auth_username= "admin",auth_token= "118c8ee3a5d6df59dc31b19c8e85878a26", \
    crumb_url="http://3.89.107.140:8080//crumbIssuer/api/json")
  token: 118c8ee3a5d6df59dc31b19c8e85878a26
  username: admin
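
The properties listed above (two content pre-validators and a minimum of two matches) can be sketched as a small scanner for reviewing your own files. This is an added example, not the detector's actual implementation; the regexes, function names and sample inputs are assumptions constructed for illustration.

```python
import re

# Assumption: token shape inferred from the examples on this page (34 hex characters).
TOKEN_RE = re.compile(r"\b[0-9a-f]{34}\b")
# Assumption: a username is the value assigned to any name containing "user".
USER_RE = re.compile(r"\b\w*user\w*\s*[:=]\s*[\"']?([\w.@-]+)", re.IGNORECASE)
# The two ContentWhitelistPreValidator patterns listed above.
REQUIRED_KEYWORDS = ("jenkins", "user")


def passes_prevalidators(content: str) -> bool:
    """Cheap gate: skip documents that lack any required keyword."""
    lowered = content.lower()
    return all(keyword in lowered for keyword in REQUIRED_KEYWORDS)


def find_jenkins_credentials(content: str) -> list:
    """Return one finding per token, paired with the closest username.

    A token with no username anywhere in the document is dropped,
    mirroring the "minimum number of matches: 2" requirement.
    """
    if not passes_prevalidators(content):
        return []
    users = list(USER_RE.finditer(content))
    if not users:
        return []
    findings = []
    for token in TOKEN_RE.finditer(content):
        nearest = min(users, key=lambda m: abs(m.start() - token.start()))
        findings.append({"username": nearest.group(1), "token": token.group(0)})
    return findings


# Constructed sample inputs (the token is a made-up value, not a real secret).
FAKE_TOKEN = "11" + "0123456789abcdef" * 2
ENV_FILE = (
    "JENKINS_URL=http://localhost:8080/\n"
    "JENKINS_USER=ci_bot\n"
    f"JENKINS_TOKEN={FAKE_TOKEN}\n"
)
NO_KEYWORD = f"checksum = {FAKE_TOKEN}\nowner = alice\n"       # fails the pre-validators
NO_USERNAME = f"# jenkins build user guide\nbuild_id: {FAKE_TOKEN}\n"  # only one match
```

The `NO_USERNAME` case passes both keyword pre-validators but yields no finding, which shows why requiring a username alongside the token keeps bare hex strings such as checksums from being reported.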