-
Bug
-
Resolution: Unresolved
-
Blocker
-
None
-
Jenkins: 2.254
github-oauth: 0.33
Github Enterprise: 2.21.3
I have both the Github oauth plugin enabled for authentication and Github committer authorization strategy enabled. Within the authorization block I have disabled "Grant READ permissions for anonymous users".
Any attempt to retrieve artifacts from completed build jobs, while using personal access tokens generated on our Github Enterprise server results in "Error 403 forbidden" errors.
hoshposh66 I had the same issue with the error message of "HTTP ERROR 403 No valid crumb was included in the request". After digging into it I figured out that starting from Jenkins v*2.176.2* you need to issue a crumb and use the issues crumb plus the session cookies of the crumbIssuer request with the subsequent API calls. This guide explains it in a bit more details https://support.cloudbees.com/hc/en-us/articles/219257077-CSRF-Protection-Explained