Using an API token configured for a user doesn't allow access to the api e.g. accessing https://user:apitoken@jenkins/crumbIssuer/api/json causes a redirect to the saml auth provider instead of authenticating with the users apitoken.