What's the proper REST flow for SAML auth with CSRF enabled?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

What's the proper REST flow for SAML auth with CSRF enabled?

Rauha Rahkola
My Jenkins instance has SAML configured with Okta and also has CSRF protection enabled.  Currently I am able to authenticate with SAML via the Jenkins GUI.  However, I have a service user which communicates via the REST API and I have not stepped into the correct flow which allows this user (which has a valid SAML assertion) to finish the login sequence with Jenkins without a separate means of authentication (user:password or user:apiToken).  What is the proper sequence to authenticate via the REST API when I have SAML and CSRF configured?

Thanks!
Rauha

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/031412fa-f8de-48db-9f9c-5b238e9b6ba2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

What's the proper REST flow for SAML auth with CSRF enabled?

kuisathaverat
Hi,

If you want to make an API REST call you only need the API Token and a valid crumb, the user will be granted with the latest authorities from the last login, you have more details in the following link https://wiki.jenkins.io/display/JENKINS/Remote+access+API

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/9f284774-4cc5-48a8-928c-648f32b353c4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.