Getting 404 when accessing Jenkins v2.73.1 crumbIssuer REST API
You have to have the Prevent Cross Site Request Forgery exploits
option turned on under Manage Jenkins -> Configure Global Security.
Rob Hales' answer is correct.
I had the same issue when trying to run the following Ansible code against a jenkins (ver. 2.89.3) instance.
- name: "Get csrf token" uri: url: 'http://127.0.0.1:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)' user: "{{ jenkins_admin_user }}" password: "{{ jenkins_admin_pass }}" force_basic_auth: yes return_content: yes
For me, the issue is resolved after creating the file /var/jenkins_home/init.groovy.d/csrf.groovy
with the following content and restarting jenkins:
import hudson.security.csrf.DefaultCrumbIssuerimport jenkins.model.Jenkinsdef instance = Jenkins.instanceinstance.setCrumbIssuer(new DefaultCrumbIssuer(true))instance.save()
See https://wiki.jenkins.io/display/JENKINS/CSRF+Protection for more info.