I am trying to generate a Jenkins API token from my Bash script using a Crumb key that I successfully retrieved. However, I am encountering an issue where the request is being rejected with a '403 No valid crumb was included in the request' error. Below is the command I am using:
```bash
jenkinsUrl="http://localhost:8080"
jenkinsUser="admin"
tokename="newTokenName"
# generate crumb
crumb=$(curl -u "$jenkinsUser:$passwordAdmin" -s "$jenkinsUrl/crumbIssuer/api/json" | jq -r '.crumb')
echo "Here is the crumb : $crumb"
# generate token
curl -v -u "$jenkinsUser:$passwordAdmin" \
  --data "newTokenName=$tokename" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Jenkins-Crumb: $crumb" \
  "$jenkinsUrl/user/$jenkinsUser/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken"
```
But apparently the crumb, for example 5466989cf28245963a3d477e609152541fd3f59572247a020b4f4269ce4da9d, is not recognized as valid by Jenkins, resulting in the following error message:
```
* Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Server auth using Basic with user 'admin'
> POST /user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken HTTP/1.1
> Host: localhost:8080
> Authorization: Basic YWRtaW46ODUxNGM0MzVhY2NlNDY5Zjk4MTgzODMxMzA5MDFmMTA=
> User-Agent: curl/7.88.1
> Accept: */*
> Content-Type: application/x-www-form-urlencoded
> Jenkins-Crumb: 07c445067821590ee913094a53de85c4fbe25504ff1a4434720b5bc28b34ded1
> Content-Length: 25
>
< HTTP/1.1 403 Forbidden
< Server: Jetty(12.0.16)
< Date: Sat, 15 Feb 2025 16:52:41 GMT
< X-Content-Type-Options: nosniff
< Set-Cookie: JSESSIONID.bd4533c5=node0g0r0hnlxjlc71jvqpve60asrr2.node0; Path=/; HttpOnly
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Type: text/html;charset=iso-8859-1
< Content-Length: 611
<
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403 No valid crumb was included in the request</h2>
<table>
<tr><th>URI:</th><td>/user/admin/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken</td></tr>
<tr><th>STATUS:</th><td>403</td></tr>
<tr><th>MESSAGE:</th><td>No valid crumb was included in the request</td></tr>
<tr><th>SERVLET:</th><td>Stapler</td></tr>
</table>
<hr/><a href="https://jetty.org/">Powered by Jetty:// 12.0.16</a><hr/>
</body>
</html>
* Connection #0 to host localhost left intact
```
I've solved this problem. The problem was that the two requests had different sessions. To do this, the two curl requests had to be made on the same session. This is done with a cookie, such as:
```bash
# generate crumb
crumb=$(curl -u "$jenkinsUser:$passwordAdmin" -s -c cookie.txt "$jenkinsUrl/crumbIssuer/api/json" | jq -r '.crumb')
echo "Here is the crumb : '$crumb'"
# generate token
curl -v -u "$jenkinsUser:$passwordAdmin" \
  --data "newTokenName=$tokename" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Jenkins-Crumb: $crumb" \
  -b cookie.txt \
  "$jenkinsUrl/user/$jenkinsUser/descriptorByName/jenkins.security.ApiTokenProperty/generateNewToken"
```