Jenkins ver 2.176.1
We upgraded to `0.32` github oauth and experience this issue. (Previous: 0.29 worked)
We can't edit global settings, security settings, security permissions on jobs or even edit workspace permissions. "No valid crumb was included in the request" is our life now.
[EDIT] Upgrading this bug to CRITICAL if you don't mind. Restarted Jenkins after "downgrading" to github-oauth 0.29 and we are still on github-oauth 0.32, we have no workaround for this bug. We may be able to force CSRF disabled in Jenkins v2.176.1 by setting java startup option `hudson.security.csrf.GlobalCrumbIssuerConfiguration=false` but that is a really bad idea with the oauth integration and always. That is why prioritization is critical on this issue.
Thanks guys, CSRF implementations are never fun. Hope a fix is found soon.