Retrieving user API token in JOC environment with SSO enabled

Article ID:210476127
1 minute readKnowledge base

Issue

The user used to have an environment with just a controller, and getting the user API token was done with a simple query to the controller. After adding JOC with SSO, it is no longer possible to query the controller directly with just username:password to retrieve the API token.

The ability to retrieve the API token is useful for applications that have no knowledge of how Jenkins works, and just want to provide their credentials (username:password) to execute a command.

Environment

  • CloudBees Jenkins Enterprise - Operations Center (CJE-OC)

  • CloudBees Jenkins Enterprise - Managed controller (CJE-MM)

Resolution

The JOC needs to be queried directly to retrieve the API token. This token will be usable across all connected client controllers. An example can be found below.

curl -u '<user>:<password>' 'http(s)://<joc-host>:<port>/user/<user>/configure' | grep apiToken
curl -u '<user>:<apiToken>' 'http(s)://<jenkins-controller-host>:<port>/<job-trigger-path>'
This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.