Custom update center returning a 403

I have Jenkins version 2.346.2 running in an environment which is completely isolated from the Internet.

I want to point the Update Center URI to a local copy of the update-center.json file (which I will change the paths in so that the plugin files can be downloaded from a local repository). I have therefore downloaded the update-center.json and update-center.json.html files from and changed the Update Site URL to http://localhost:8080/job/Admin/job/CreateUpdateFile/ws/local-update-center.json

However, when I click on the ‘Check Now’ button, I receive a 403 error:

You will notice from the screenshots above that I am using HTTP, not HTTPS so surely no security is required?? Is it because I am trying to access a file within Jenkins itself; would I be better to try and host it elsewhere??

Hhtp 403 is forbidden

I’m guessing that your url is not accessible to non authenticated users. You may need to add a user and API token to your url.

Thanks for the reply but I have managed to stop the server returning a 403 error by moving the update-center.json file into a public Nexus repository on the same machine.

This works as expected and now and Jenkins can access the update-center.json file. It appears that the problem was indeed that you cannot access a Jenkins artefact from a straightforward HTTP request without supplying some sort of credentials (which I don’t want to have to do as this communication is purely local to this 1 PC)