Azure DevOps service hooks unauthorized after upgrade

Using Jenkins
1

After upgrading Jenkins from version 2.332.4 to 2.426.3 Azure Devops service hooks on code push event become unauthorized. It use Built-in Jenkins API. Git plugin version 5.2.1
On Azure Devops username and password appear to be valid.
But when I test it from Azure devops it says in:
Status Code: 401
Reason Phrase: Unauthorized
HTTP Version: 1.1
Headers:
{
X-Content-Type-Options: nosniff
Cache-Control: no-store, must-revalidate, no-cache
Date: Mon, 11 Mar 2024 08:01:42 GMT
Server: Jetty(10.0.18)
Content-Length: 925
Content-Type: text/html; charset=iso-8859-1
}

Environment:
Jenkins 2.426.3, Git plugin version 5.2.1
openjdk version “11.0.22” 2024-01-16
OpenJDK Runtime Environment (build 11.0.22+7-post-Ubuntu-0ubuntu220.04.1)
OpenJDK 64-Bit Server VM (build 11.0.22+7-post-Ubuntu-0ubuntu220.04.1, mixed mode, sharing)
Ubuntu 20.04.4 LTS
Can you help us with this issue?

2

If the Azure DevOps service hook on code push is calling the /notifyCommit URL of the Jenkins controller with arguments, then you need to follow the instructions in the git plugin documentation. That includes:

  • Generate a Git plugin notifyCommit access token from the “Configure Global Security” page
  • Update the caller to include that token as an additional argument

You can read more about it SECURITY-284. The improvement was introduced in git plugin 4.11.4.