How to request for the crumb issuer for Jenkins

I haven't found this in the documentation either. This code is tested against an older Jenkins (1.466), but should still work.

To issue the crumb use the crumbIssuer

// left out: you need to authenticate with user & password -> sample belowHttpGet httpGet = new HttpGet(jenkinsUrl + "crumbIssuer/api/json");String crumbResponse = toString(httpclient, httpGet);CrumbJson crumbJson = new Gson().fromJson(crumbResponse, CrumbJson.class);

This will get you a response like this

{"crumb":"fb171d526b9cc9e25afe80b356e12cb7","crumbRequestField":".crumb"}

This contains two pieces of information you need

1. the field name with which you need to pass the crumb
2. the crumb itself

If you now want to fetch something from Jenkins, add the crumb as header. In the sample below I fetch the latest build results.

HttpPost httpost = new HttpPost(jenkinsUrl + "rssLatest");httpost.addHeader(crumbJson.crumbRequestField, crumbJson.crumb);

Here is the sample code as a whole. I am using gson 2.2.4 to parse the response and Apache's httpclient 4.2.3 for the rest.

import org.apache.http.auth.*;import org.apache.http.client.*;import org.apache.http.client.methods.*;import org.apache.http.impl.client.*;import com.google.gson.Gson;public class JenkinsMonitor {    public static void main(String[] args) throws Exception {        String protocol = "http";        String host = "your-jenkins-host.com";        int port = 8080;        String usernName = "username";        String password = "passwort";        DefaultHttpClient httpclient = new DefaultHttpClient();        httpclient.getCredentialsProvider().setCredentials(                new AuthScope(host, port),                 new UsernamePasswordCredentials(usernName, password));        String jenkinsUrl = protocol + "://" + host + ":" + port + "/jenkins/";        try {            // get the crumb from Jenkins            // do this only once per HTTP session            // keep the crumb for every coming request            System.out.println("... issue crumb");            HttpGet httpGet = new HttpGet(jenkinsUrl + "crumbIssuer/api/json");            String crumbResponse= toString(httpclient, httpGet);            CrumbJson crumbJson = new Gson()                .fromJson(crumbResponse, CrumbJson.class);            // add the issued crumb to each request header            // the header field name is also contained in the json response            System.out.println("... issue rss of latest builds");            HttpPost httpost = new HttpPost(jenkinsUrl + "rssLatest");            httpost.addHeader(crumbJson.crumbRequestField, crumbJson.crumb);            toString(httpclient, httpost);        } finally {            httpclient.getConnectionManager().shutdown();        }    }    // helper construct to deserialize crumb json into     public static class CrumbJson {        public String crumb;        public String crumbRequestField;    }    private static String toString(DefaultHttpClient client,         HttpRequestBase request) throws Exception {        ResponseHandler<String> responseHandler = new BasicResponseHandler();        String responseBody = client.execute(request, responseHandler);        System.out.println(responseBody + "\n");        return responseBody;    }}

Or you can use Python and requests instead

req = requests.get('http://JENKINS_URL/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)', auth=(username, password))print(req.text)

will give you the name and the crumb:

Jenkins-Crumb:e2e41f670dc128f378b2a010b4fcb493

Meanwhile you can generate an API token in order to prevent having to include your password in the source code provided by the solutions above:

https://wiki.jenkins.io/display/JENKINS/Authenticating+scripted+clients