0

I'm building restful app basing on react library. I want to give app users access to a few Jenkins jobs, but i found a problem.

I have to somehow auth users. App auth is not enough, what i mean is that people who start jobs through my app, they also should have account in the Jenkins. App is just the way to make it simpler and faster. Can i somehow require from the users Jenkins username and password? I don't want to share with everyone my api token.

Use Case

  1. User login to my panel
  2. User access subpage with Jenkins
  3. App asks for Jenkins login and password
  4. I send request to the Jenkins
  5. If both are fine, then it sends back api token

Or if i can require from user to attach login and password to the request, each time user tries to get list of jobs or start/delete/edit job, something like:

curl -X POST JENKINS_URL/job/JOB_NAME/build \
  --user USER:PASSWORD \
  --data-urlencode json='{"parameter": [{"name":"id", "value":"123"}, {"name":"verbosity", "value":"high"}]}'

Most important for me is to avoid hardcoding api token in the app.

Dan Zawadzki
  • 682
  • 2
  • 8
  • 28
  • would you care if the users had to supply their api token? This answer could help https://stackoverflow.com/a/14863116/1309377 – Andrew Lohr Oct 03 '17 at 12:44
  • @AndrewLohr I'm treating it as an option, to add Jenkins API key in the user profile and add method in my api to return it. Then if its filled and its correct, i could use it to the requests. Anyway i would prefer to auth them each session. – Dan Zawadzki Oct 03 '17 at 12:48

0 Answers0