Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55157

gitlab-oauth and api tokens with CSRF protection enabled

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      There is a lack of documentation on how to use CSRF Protection and gathering a crumb when gitlab-oauth (and other oauth providers) are in use, and what limitations there are.

      For instance: You cannot password auth, you must create a jenkins api token, Additionally your user (not the groups you are assigned to in gitlab). If after logging in you receive:

      • 500 error - Your credential is bad
      • 403 error - Your credential is good but your user is missing Overall Read access
      • 200 - Success you should have a Jenkins-Crumb

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            Assignee:
            elhabib_med Mohamed El Habib
            Reporter:
            james_powis James Powis
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: