Multi-factor Authentication

Article ID:216559477
1 minute readKnowledge base

Issue

Integrate Jenkins with MFA (Multi-factor authentication)

Resolution

CloudBees' approach to Multi Factor Authentication (MFA) and to One Time Password (OTP) is to recommend Jenkins administrator to secure their Jenkins infrastructure with Single Sign On solution.

Organizations who want MFA or OTP usually implement it

  • either using an external service such as Google Auth or GitHub Auth

  • or as part of a corporate security project with the deployment of an enterprise authentication service usually coupled with an SSO platform

You can integrate with SSO service through SAML, OpenID or Oauth. It is also very common to integrate a SSO reverse proxy.

Notice that MFA is implemented outside of Jenkins and Jenkins' role is to integrate with such a service.

This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.