I am trying to use the Active Choices Plugin to create a dynamic dropdown that lists projects from an external tool (e.g., JFrog/SonarQube) by calling its REST API.

Problem: > I am struggling to securely retrieve a Secret Text credential within the Groovy script and use it in an Authorization header. I am running into two main issues:

1. Sandbox Violations: My script is being blocked by the Groovy Sandbox (errors like RejectedAccessException).

1. Context Access: I am unsure of the safest way to lookup credentials without using the high-privilege Jenkins.instance.

What I’ve tried:

• I used CredentialsProvider.lookupCredentials, but it requires multiple admin approvals in "In-Process Script Approval."

• I tried running without the Sandbox, but I want to follow security best practices.

Request: Could someone provide a "Best Practice" code snippet for an Active Choices script that: