I am trying to add a global shared library in the Jenkins configuration. The library is in a Git repository which is accessed via https with password authentication. I configured this library using the Modern SCM option.

I added the credentials with the name "Jenkins Credentials" in the global credentials store with "System" scope.

The global library configuration says "Currently maps to revision: <correct revision>" for the default version, which indicates that the configuration is correct.

When I try to use this library in a job, the message "using GIT_ASKPASS to set credentials Jenkins Credentials", however, authentication fails ("fatal: Authentication failed for 'https://[...]'" from git fetch).

When I set the credentials from "System" to "Global" scope, the job works as expected. However, with this configuration, everyone with permissions to create jobs can use these credentials in their job, which is not desired.