Can we create a user token through the API?

Hi there :wave:

While it is understandable that creating a token through the API may raise security concerns, would it be possible to create a token through the API?

To check the status of my local Jenkins instance running through Docker, I use the curl command with the generated token to post a job build.
I have checked, and the hashed version of the token is not visible through JCasC.
It is in a config.xml file somewhere.

However, if I'm unable to create a token through the API and cannot persist it through JCasC, are there any other alternatives I should consider?

Would the Jenkins CLI work for that need?

Thanks.

You mean create it via the REST API or by e.g. calling a system groovy script?


The token is stored in the user's config.xml afaik.


Also look here:

Thanks Markus. :pray:
Yes indeed, I was wondering if I can get a token through the use of the REST API.

I had to adapt the commands found in the document you linked a little, as curl has evolved:

CRUMB=$(curl -k http://user:password@server/crumbIssuer/api/xml?xpath=concat\(//crumbRequestField,%22:%22,//crumb\) -c cookies.txt)

works well and creates a cookies.txt file, and a CRUMB variable.

# Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_localhost     FALSE   /       FALSE   0       JSESSIONID.985e6e10     node01atelbjgy57rs18spc5gkpz3sk6.node0

Jenkins-Crumb:56395f500356337dbb37bd45e9f795b18a0866c218c17995a253807c27b2ede0

What puzzles me is that the next command does not use that CRUMB environment variable:

curl -k 'http://user:password@server/user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken' --data 'newTokenName=kb-token' -b cookies.txt

So I get:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403 No valid crumb was included in the request</h2>
<table>
<tr><th>URI:</th><td>/user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken</td></tr>
<tr><th>STATUS:</th><td>403</td></tr>
<tr><th>MESSAGE:</th><td>No valid crumb was included in the request</td></tr>
<tr><th>SERVLET:</th><td>Stapler</td></tr>
</table>
<hr/><a href="https://eclipse.org/jetty">Powered by Jetty:// 10.0.15</a><hr/>

</body>
</html>

So I tried:

curl -k 'http://user:password@server/user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken' --data 'newTokenName=kb-token' -b cookies.txt -H $CRUMB

and got a satisfying answer:
{"status":"ok","data":{"tokenName":"kb-token","tokenUuid":"20b1644d-e0f0-40e3-ad34-109b93025ec4","tokenValue":"114edad6xxxxxxxxxxxc335e2700f6c6"}}user@machine:/home/user/

Thanks! :partying_face:
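
The two-step flow from the post above (crumb plus session cookie, then `generateNewToken` with both), as an added example that is not part of the original posts. It passes the credentials to curl on stdin instead of in the URL, keeps the cookie jar private and deletes it afterwards; `JENKINS_URL`, `JENKINS_USER`, `JENKINS_PASSWORD` and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example. JENKINS_URL, JENKINS_USER, JENKINS_PASSWORD and the function
# names are assumptions; the two endpoints are the ones used in the thread.

# Accept only "Field:value" made of safe characters, so an HTML error page
# captured into the variable is never sent as a request header.
valid_crumb() {
  case "$1" in
    *[!A-Za-z0-9:._-]*|'') return 1 ;;
    ?*:?*) return 0 ;;
    *) return 1 ;;
  esac
}

# Print tokenValue from a generateNewToken reply; fail unless status is ok.
token_value() {
  case "$1" in *'"status":"ok"'*) ;; *) return 1 ;; esac
  printf '%s\n' "$1" | sed -n 's/.*"tokenValue":"\([^"]*\)".*/\1/p'
}

# curl wrapper: credentials go in via a config read from stdin (-K -),
# not the URL or argv, so they stay out of `ps` output and shell history.
# (A password containing " or \ must be escaped for curl's config syntax.)
jcurl() {
  printf 'user = "%s:%s"\n' "$JENKINS_USER" "$JENKINS_PASSWORD" |
    curl --silent --show-error --fail -K - "$@"
}

new_api_token() {  # $1 = user id, $2 = token name
  local jar crumb reply
  jar=$(umask 077; mktemp) || return 1
  # Same session for both requests: -c writes the cookie, -b sends it back.
  crumb=$(jcurl -c "$jar" "$JENKINS_URL/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,%22:%22,//crumb)") &&
    valid_crumb "$crumb" &&
    reply=$(jcurl -b "$jar" -H "$crumb" --data-urlencode "newTokenName=$2" \
      "$JENKINS_URL/user/$1/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken") &&
    token_value "$reply"
  local rc=$?
  rm -f "$jar"   # the session cookie is as sensitive as the password
  return "$rc"
}

# Runs only when the (assumed) environment variables are set.
if [ -n "${JENKINS_URL:-}" ]; then
  new_api_token "${JENKINS_USER:?}" "${1:-kb-token}"
fi
```

The token value is returned only once, at creation time, so capture the output directly into the secret store or variable that will use it.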