In our central hosted environment, security is one of the most important things. There is no overall user which has access to every single job. Therefore we must be able to define the credentials used to trigger the remote build on every job.
The best solution would be to have an overwriting/scoping logic as it can be provided with the credentials-plugin.
e.g. (the more left overwrite the right ones)
user scoped > folders-plugin scoped  > global scoped