How to get the API Token for Jenkins

The non UI way to do this post Jenkins 2.129 is:

curl 'https://<jenkinsURL>/me/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken' \
--data 'newTokenName=foo' \
--user username:Password

which returns:

{
  "status": "ok",
  "data": {
    "tokenName": "foo",
    "tokenUuid": "<uuid>",
    "tokenValue": "<redacted>"
  }
}

Pre Jenkins 2.129

curl http://<username>:<password>@<jenkins-url>/me/configure

Tested in Jenkins 2.225

After making research for several hours I could find the answer:

Api Token is used instead of CSFR token. However, what happens if you want to make authentication from any other client(POSTMAN, CLI. curl, etc).

First you need to get a CSFR token and save the information in a cookie with --cookie-jar

  • REQUEST

curl -s --cookie-jar /tmp/cookies -u username:password http://localhost:8080/crumbIssuer/api/json

  • RESPONSE

{ "_class": "hudson.security.csrf.DefaultCrumbIssuer", "crumb": "bc92944100d12780cfc251c9255f3f323a475562b4ee0d8b9cc6e4121f50a450", "crumbRequestField": "Jenkins-Crumb" }

Then we can read the cookie with --cookie and generate the new token:

  • REQUEST

curl -X POST -H 'Jenkins-Crumb:your_crumb_token_generated_above' --cookie /tmp/cookies http://localhost:8080/me/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken?newTokenName=\your_token_name -u username:password

  • RESPONSE

{ "status": "ok", "data": { "tokenName": "my android token", "tokenUuid": "c510e26c-b2e8-4021-bf79-81d1e4c112af", "tokenValue": "11a2a0c91913d1391d8e8cb155ca714581" } }


Since Jenkins 2.129 the API token configuration has changed:

You can now have multiple tokens and name them. They can be revoked individually.

  1. Log in to Jenkins.
  2. Click you name (upper-right corner).
  3. Click Configure (left-side menu).
  4. Use "Add new Token" button to generate a new one then name it.
  5. You must copy the token when you generate it as you cannot view the token afterwards.
  6. Revoke old tokens when no longer needed.

Before Jenkins 2.129: Show the API token as follows:

  1. Log in to Jenkins.
  2. Click your name (upper-right corner).
  3. Click Configure (left-side menu).
  4. Click Show API Token.

The API token is revealed.

You can change the token by clicking the Change API Token button.

Tags:

Jenkins

Recent Posts