Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-52701

SAML Auth Provider doesn't allow api tokens to authenticate

    XMLWordPrintable

Details

    Description

      Using an API token configured for a user doesn't allow access to the api e.g. accessing https://user:apitoken@jenkins/crumbIssuer/api/json causes a redirect to the saml auth provider instead of authenticating with the users apitoken.

      Attachments

        Activity

          Ascending order - Click to sort in descending order
          View 4 older comments
          jsharpe James Sharpe added a comment -

          I've just regenerated the tokens under a user that authenticates with saml and it works now. The user for which it was failing was a user that wouldn't be authenticated via saml and was probably using a legacy api token.

          jsharpe James Sharpe added a comment - I've just regenerated the tokens under a user that authenticates with saml and it works now. The user for which it was failing was a user that wouldn't be authenticated via saml and was probably using a legacy api token.
          ifernandezcalvo Ivan Fernandez Calvo added a comment -

          so it is resolved, right?

          ifernandezcalvo Ivan Fernandez Calvo added a comment - so it is resolved, right?
          jsharpe James Sharpe added a comment -

          Yes, sorry for the noise

          jsharpe James Sharpe added a comment - Yes, sorry for the noise
          bvinayprasad Vinay B added a comment -

          I'm facing the same issue. Its redirecting to the SAML Auth Provider instead of authenticating with the username and api token. Am on 2.179

          bvinayprasad Vinay B added a comment - I'm facing the same issue. Its redirecting to the SAML Auth Provider instead of authenticating with the username and api token. Am on 2.179
          ifernandezcalvo Ivan Fernandez Calvo added a comment -

          bvinayprasad see the James comments, the user has to login at least once to grab the groups and create the user, also it should be a SAML real user.

          ifernandezcalvo Ivan Fernandez Calvo added a comment - bvinayprasad see the James comments, the user has to login at least once to grab the groups and create the user, also it should be a SAML real user.

          People

            ifernandezcalvo Ivan Fernandez Calvo
            jsharpe James Sharpe
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: