search

jenkinsci / generic-webhook-trigger-plugin

Can receive any HTTP request, extract any values from JSON or XML and trigger a job with those values available as variables. Works with GitHub, GitLab, Bitbucket, Jira and many more.
https://plugins.jenkins.io/generic-webhook-trigger
404 stars 159 forks source link

webhook without credentilas working #251

Closed malki-akamai closed 1 year ago

malki-akamai commented 1 year ago

Hello everyone, I am using this plugin at version 1.85.2 My jenkins server works with azure ad authentication as login interface.

I need to define a webhook from some place to trigger a pipeline so I used the plugin, and I just notice that using the basic api "https://myjenkins/generic-webhook-trigger/invoke?token=SECURITYTOKEN" I can trigger a webhook and its successful no matter the way I authenticate to jenkins..

can someone helps me to understand why is it happen?
Is it related to the authentication side of jenkins or to the webhook plugin?

tomasbjerre commented 1 year ago

The plugin is implemented like that. From the readme: The token also allows invocations without any other authentication credentials.