Lets build and related REST build triggers be accessed even when anonymous users cannot see Jenkins.
The use case is that Jenkins is secured so that anonymous users lack overall read permissions. Say you want to triggers builds of certain jobs from a script. You can pick a sufficiently authenticated user and use that person’s API token to POST to job/NAME/build. But this grants that person’s full permissions to anyone who can see the script, which is hazardous.
The usual workaround for this issue is to define a build authorization token in job configuration, and have the script ping job/NAME/build?token=SECRET. Unfortunately Jenkins checks URIs hierarchically and just getting as far as job/NAME/ requires authentication.
This plugin offers an alternate URI pattern which is not subject to the usual overall or job read permissions. Just ping buildByToken/build?job=NAME&token=SECRET. This URI is accessible to anonymous users regardless of security setup, so you only need the right token.
(The variant sub-URIs buildWithParameters and polling are also supported, as is the usual delay query parameter.)
To create a token for your job, go to the job configuration, select "Trigger Builds Remotely" in the build triggers section. The token you set here is what you will pass via the url.
Trigger the RevolutionTest job with the token TacoTuesday
Trigger the RevolutionTest job with the token TacoTuesday and parameter Type supplied with the value Mexican
Skip to end of metadata Go to start of metadata