How to authenticate in Jenkins while remotely accessing its JSON API?

jenkins rest api authentication
jenkins api token
how to generate authentication token in jenkins
python-jenkins api
jenkins remote access api
python-jenkins api token
jenkins rest api authentication token
jenkins api get all jobs

I need to access the Jenkins JSON API from a Python script. The problem is that our Jenkins installation is secured so to log in users have to select a certificate. Sadly, in Jenkins Remote Access Documentation they don't mention a thing about certificates and I tried using the API Token without success.

How can I get to authenticate from a Python script to use their JSON API?

Thanks in advance!

You have to authenticate to the JSON API using HTTP Basic Auth.

To make scripted clients (such as wget) invoke operations that require authorization (such as scheduling a build), use HTTP BASIC authentication to specify the user name and the API token. This is often more convenient than emulating the form-based authentication

https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clients

Here is a sample of using Basic Auth with Python.

http://docs.python-requests.org/en/master/user/authentication/

Keep in mind if you are using a Self Signed certificate on an internal Jenkin Server you'll need to turn off certificate validation OR get the certificate from the server and add it to the HTTP request

http://docs.python-requests.org/en/master/user/advanced/

Remote Access API, Jenkins provides machine-consumable remote access API to its functionalities. Currently it comes in three flavors: XML. JSON with JSONP support When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate� I need to access the Jenkins JSON API from a Python script. The problem is that our Jenkins installation is secured so to log in users have to select a certificate.

I finally found out how to authenticate to Jenkins using certs and wget. I had to convert my pfx certificates into pem ones with cert and keys in separate files For more info about that come here. In the end this is the command I used.

wget --certificate=/home/B/cert.pem --private-key=/home/B/key.pem --no-check-certificate --output-document=jenkins.json https:<URL>

Using Jenkins REST Api to manage your jobs remotely, Many objects of Jenkins provide the remote access API. They are Jenkins Jobs . Now you will use the token as parameter for your authentication. curl -X GET http://localhost:8080/api/json?pretty=true --user jenkins:� When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate remote API requests. See Authenticating scripted clients for more details.

I'm not completely sure it covers your certificate use case, but since it took me some time to find out, I still want to share this snipped that retrieves the email address for a given user name in Python without special Jenkins libraries. It uses an API token and "supports" (actually ignores) https:

def _get_email_adress(user):
    request = urllib.request.Request("https://jenkins_server/user/"+ user +"/api/json")
    #according to https://stackoverflow.com/a/28052583/4609258 the following is ugly
    context = ssl._create_unverified_context() 
    base64string = base64.b64encode(bytes('%s:%s' % ('my user name', 'my API token'),'ascii'))
    request.add_header("Authorization", "Basic %s" % base64string.decode('utf-8'))

    with urllib.request.urlopen(request, context=context) as url:
        user_data = json.loads(url.read().decode())
        for property in user_data['property']:
            if property["_class"]=="hudson.tasks.Mailer$UserProperty":
                return property["address"];

Call rest api from jenkins job, 426 onward one can specify an API token instead of your real password while that consumes Jenkins's JSON API and aims at providing access to all remote API Dec 31, 2018 � Performing authenticated application vulnerability scanning � Using this parameter you can override the authentication used to connect to the selected remote Jenkins. Don't Override The authentication configured in the (global) settings of the selected 'remote host' is used. Token Authentication The specified user id and Jenkins API token is used. Credentials Authentication The specified Jenkins Credentials are used. This can be either user/password or user/API Token. No Authentication

How to build a job using the REST API and cURL? – CloudBees , I would like to be able to build a job remotely using the Jenkins REST API and cURL. This provides a workaround for JENKINS-12543, that doesn't require SSH Key Authentication. CloudBees Jenkins Enterprise; Remote Access API; cURL localhost:8080 with your Jenkins URL; test with your job name. The latest AD plugin should use the AD UPN for Jenkins user id. Make sure you upgrade the AD plugin and azure-commons plugin at the same time. But this version has some problems with Jenkins API now. You need to add a new role "username (UPN)" in the matrix to make it work around. The group feature seems not work now. I will investigate it.

Jenkins API Integration : Trigger Job Remotely via Jenkins API, Go to Jenkins website and add “api/json” to any page. If we get a JSON response on the browser, then that page can be accessed remotely. Note: While configuring project-level access, you associate one Teamforge project to one Jenkins project. In the Jenkins project, click Configure. In the Authorization from CollabNet section, enter the name of the Teamforge project. This project is used to determine what its members can do in the Jenkins project.

Jenkins API Client, Jenkins provides three kinds of remote access API. XML API, 2. JSON API, and 3. Python API. It is very simple to authenticate with your Jenkins server that has Open ID Use this token for the password parameter when initializing the client. One should be able to achieve the same with the CLI as with Jenkins API (creating jobs etc) but as far as I understand Jenkins CLI is not a good alternative for me since jobs created with will only appear in Jenkins after restarting or a "Reload Configuration from Disk", and that would cancel any other running jobs.

Comments
  • I had to use certificates :( But thanks a lot for the link which covers how to use certs with Python! I'm a Python newbie!