16

I have tried to execute(trigger) jenkins job (not a parameterized job) via curl command by using below methods but it showing these results. my jenkins version is Jenkins 2.73.3

curl -X POST -u jenkins_user_name:jenkins_user_passwd http://jenkins_server/job/job_name/build

But it says Forbidden 403 enter image description here

Therefore, I have created a Authentication Token for the Job enter image description here

curl -X POST http://jenkins_server/job/job_name/build?token=wefiytgwiefiweihfqweiodf

It's also giving the same error. it says Forbidden 403

After that , I have created an API Token for jenkins User and tried. enter image description here

curl -X POST -u auto:testingdae6dc22a73048e6d596e7b0 http://jenkins_server/job/job_name/build?token=wefiytgwiefiweihfqweiodf

But It also the same , it says Forbidden 403

Actually I have followed this answer as well. https://www.nczonline.net/blog/2015/10/triggering-jenkins-builds-by-url/ this is also not worked for me.

every time , It's 403 forbidden. I think I couldn't authenticate jenkins user properly.

Prabath Dolawatta
  • 511
  • 1
  • 5
  • 13

2 Answers2

15

found the answer. Actually those steps are correct. I would like to mention the correct steps.

Create a user in Jenkins, you can use that user password or API token for trigger Jenkins job. But creating an API token for that user is much better. But both ways working fine.

But you have to create an Authentication token for Jenkins Job

enter image description here

Using Password

curl -I -u auto:<userpasswd> http://<jenkins_server>/job/test/build?token=wefiytgwiefiweihfqweiodf

Using an API Token

Create an API token for that Jenkins user enter image description here

curl -I -u auto:<user_api_token> http://<jenkins_Server>/job/test/build?token=wefiytgwiefiweihfqweiodf

these are the results, using jenkins user Password and jenkins user API token.

enter image description here

Actually you can send this request , without "-I" as well. 

curl -u auto:<jenkins_user_token> http://<jenkins_server>/job/test/build?token=wefiytgwiefiweihfqweiodf

curl -u auto:<jenkins_user_password> http://<jenkins_server>/job/test/build?token=wefiytgwiefiweihfqweiodf
Prabath Dolawatta
  • 511
  • 1
  • 5
  • 13
  • 1
    Just tried this... I added an Auth-token and used it with `curl -u auto: http:///job/test/build?token=wefiytgwiefiweihfqweiodf` and got ` Error 403 No valid crumb was included in the request

    HTTP ERROR 403

    Problem accessing /job/hailo_ci_pull_request/build. Reason: 

        No valid crumb was included in the request
    Powered by Jetty:// 9.4.z-SNAPSHOT
    `     – CIsForCookies Feb 04 '19 at 13:58
  • seems like you have entered the wrong authentication token. please check this part "token=wefiytgwiefiweihfqweiodf" with your authentication token. – Prabath Dolawatta Feb 04 '19 at 14:31
  • I used my authentication token that I generated from the API token in my user tab - http:///user//configure – CIsForCookies Feb 04 '19 at 15:26
  • I'm running an _Execute shell_ build step to start a job on the very same Jenkins (v2.249.1) instance. The `user:token` version works (even without the `token` query parameter, now wonder: it's for _Trigger builds remotely_, I'm working locally): `'/c/Program Files/Git/mingw64/bin/curl' -I -s -S -u jenkins:11e73355c68426b1bd0a4616d189d5bc2f \ -X POST http://localhost:8083/job/$Project_To_Build/build`. The `user:pwd` version doesn't: `'/c/Program Files/Git/mingw64/bin/curl' -I -s -S -u jenkins:jenkins \ -X POST http://localhost:8083/job/$Project_To_Build/build` – _HTTP/1.1 403 Forbidden_. – Gerold Broser Sep 15 '20 at 19:43
1

To configure these permissions:

  • Click Manage Jenkins
  • Click Configure Global Security
  • Remove Prevent Cross Site Request Forgery exploits
  • Click save
Cory Knutson
  • 1,866
  • 12
  • 20
vincent wu
  • 19
  • 1
  • 4
    Sounds like this would undermine the security of your system. Do you really want every website you visit to be able to run jobs on your Jenkins install? – kasperd Oct 25 '18 at 18:40
  • 1
    You should use tokens instead of doing that. Security first !!!! – Robert Jun 25 '20 at 17:41