Jenkins "Trigger builds remotely" > "Authentication Token" option missing
There’s a Jenkins plugin that works with 1.565.3 and newer which can bypass the matrix-based authentication for triggering the build job. I found this in a comment on JENKINS-17764 (which covers this particular issue) by Emil Dragu:
Install the Build Token Root Plugin, then change the upper part in the URL to the lower equivalent (rendered as list to make it more easily visible):
job/ProjectName/build?token=testbuildByToken/build?job=ProjectName&token=test
You can still pass an optional cause argument, too.
After some time and searching around, I think I am able to answer my own question with some confidence.
I believe the answer lies within the security settings. The purpose of the Authentication Token is to allow unauthorized users (developers) to trigger a build without having login access to Jenkins (see https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clients and https://wiki.jenkins-ci.org/display/JENKINS/Quick+and+Simple+Security).
So if you are using Matrix-based security (under "Configure Global Security" >> Authorization), then the "Trigger builds remotely" option will go away because it is presumed that you will be authenticating requests using a Jenkins user account.
In order to do that you can make an HTTP request with the username/password (or even better username/API Token):
curl -X POST "https://username:api-token@JENKINS_URL/job/Example/build"
Disclaimer
Before reading this answer you have to know that I just accumulate all helpful information in this answer, which I've found across stackoverflow, all creds should be for guys who did actual researches.
I move the content of the link from this comment to stackoverflow just to preserve from deadlink.
Info
The name of my job is Football. I would also suggest you to create a dedicated jenkins user and password rather than using admin:admin as I'll use in this example. My jenkins GUI URL is http://192.168.99.20:8080 as I am on vagrant.
Create job
- Login to jenkins in
http://192.168.99.20:8080address. - Create a "Free Style" project named as "Football".
- Open it's configuration.
- Go to "Build Triggers" section.
- Tick "Trigger builds remotely (e.g., from scripts)" option just to take a note of the text written in there and untick it again. Text reads
Use the following URL to trigger build remotely: JENKINS_URL/job/Football/build?token=TOKEN_NAME or /buildWithParameters?token=TOKEN_NAME. Optionally append &cause=Cause+Text to provide text that will be included in the recorded build cause.. - Save and exit.
Get API user and token
- Login to jenkins in
http://192.168.99.20:8080address. - Click your username (mine is admin) on right hand side of the page.
- Select "Configure" option which will take you to
http://192.168.99.20:8080/user/admin/configurepage. - In "API Token" section click "Show API token" button.
- Note "User ID" and "API Token" to use in your curl command later on. e.g.
admin:85703fb68927f04968630e192e4927cb
Obtain crumb
For more information, visit Remote access API page.
$ wget -q --auth-no-challenge --user admin --password admin --output-document - 'http://192.168.99.20:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)'
This will give you something like Jenkins-Crumb:44e7033af70da95a47403c3bed5c10f8. Without crumb information, running curl command will result in example errors such as HTTP/1.1 403 Forbidden or Error 403 No valid crumb was included in the request.
Test
$ curl -I -X POST http://admin:[email protected]:8080/job/Football/build -H "Jenkins-Crumb:44e7033af70da95a47403c3bed5c10f8"
HTTP/1.1 201 Created
Date: Fri, 02 Jun 2017 06:17:51 GMT
X-Content-Type-Options: nosniff
Location: http://192.168.99.20:8080/queue/item/17/
Content-Length: 0
Server: Jetty(9.2.z-SNAPSHOT)
Original link
In additional to the information above I've also found how to get Jenkins-Crumb with cli from this answer
CRUMB=$(curl -s 'http://USER:TOKEN@localhost:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')