I have a custom application which allows end users to select and provision cloud resources on azure / aws. The authentication to this portal is configured against Azure AD. Intent is to invoke a Jenkins Job remotely from the portal to execute a deployment pipeline which create resources on cloud service provider. Jenkins is also configured to authenticate and authorize based on Azure AD (using Azure AD Plugin). I am trying to invoke the APIs remotely to trigger the job and I want to retain the user context. Unfortunately Jenkins API does not support OAuth token and I need to rely on user ID and API token. Problem is not every user will ever login to Jenkins via Azure AD to create Jenkins user profile where we need to generate API token, neither there is any way to get the API token programmatically by passing the OAuth Token. I need to do few activities in Jenkins based on the current user context and this does not seem possible given that neither I can get the API token dynamically nor I can pass OAuth token.
What is the solution?