Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55157

gitlab-oauth and api tokens with CSRF protection enabled

    XMLWordPrintable

Details

    Description

      There is a lack of documentation on how to use CSRF Protection and gathering a crumb when gitlab-oauth (and other oauth providers) are in use, and what limitations there are.

      For instance: You cannot password auth, you must create a jenkins api token, Additionally your user (not the groups you are assigned to in gitlab). If after logging in you receive:

      • 500 error - Your credential is bad
      • 403 error - Your credential is good but your user is missing Overall Read access
      • 200 - Success you should have a Jenkins-Crumb

      Attachments

        Activity

          People

            elhabib_med Mohamed El Habib
            james_powis James Powis
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: