Issues JENKINS-69758 and JENKINS-70013 are the same problem.
https://issues.jenkins.io/browse/JENKINS-69758
https://issues.jenkins.io/browse/JENKINS-70013
With the latest Rundeck 3.6.13 plugins saving /configure when the password is blank causes the rundeck plugin to generate a default passowrd, even if you are using Auth token authentication with a specified API version. you can see this in the /var/jenkins_home/org.jenkinsci.plugins.rundeck.RundeckNotifier.xml
<org.jenkinsci.plugins.rundeck.RundeckNotifier_-RundeckDescriptor plugin="rundeck@3.6.13">
<rundeckInstances>
<org.jenkinsci.plugins.rundeck.RundeckInstance>
<name>Default</name>
<url>http://rundeck-rundeck:443</url>
<apiVersion>31</apiVersion>
<login></login>
<token>{AQAAABAAAAAwT+VMVCRRSWzJ4In3tp7cjbjIunI6mlhoNrrfoSPZB/ZWyvmUNfr8OLYkJwhi1aIxRv4CBU2RuRulp+QVCrR6OA==}</token>
<password>{AQAAABAAAAAQN0VP8kNUaNNQp8Iaj9oPJ1XNYW9lg69hGIP1LsJC0rg=}</password>
<sslHostnameVerifyAllowAll>false</sslHostnameVerifyAllowAll>
<sslCertificateTrustAllowSelfSigned>false</sslCertificateTrustAllowSelfSigned>
<systemProxyEnabled>false</systemProxyEnabled>
<useIntermediateStreamFile>false</useIntermediateStreamFile>
</org.jenkinsci.plugins.rundeck.RundeckInstance>
</rundeckInstances>
<rundeckJobCacheConfig>
<enabled>false</enabled>
<afterAccessExpirationInMinutes>1080</afterAccessExpirationInMinutes>
<maximumSize>500</maximumSize>
<cacheStatsDisplayHitThreshold>200</cacheStatsDisplayHitThreshold>
</rundeckJobCacheConfig>
</org.jenkinsci.plugins.rundeck.RundeckNotifier_-RundeckDescriptor>
The Rundeck 3.6.10 plugin did not add login and password lines if they were blank.
<login></login>
<password>{AQAAABAAAAAQN0VP8kNUaNNQp8Iaj9oPJ1XNYW9lg69hGIP1LsJC0rg=}</password>
Therefore the Rundeck 3.6.13 does not work when using Auth Token. It does not validate the
job identifier, because it wants a job user/password.
I'm using these plugins with Rundeck 3.0.22-20190512
Same issue for me. Any update vbehar