How can a Jenkins user authentication details be “passed” to a script which uses Jenkins API to create jobs?

Question

I have a script that delete and re-create jobs through curl HTTP-calls and I want to get rid of any hard-coded \"username:password\". E.g. curl -X POST $url --user use

Answer 1

In order to use API tokens, users will have to obtain their own tokens, each from https:///me/configure or https:///user//configure. It is up to you, as the author of the script, to determine how users supply the token to the script. For example, in a Bourne Shell script running interactively inside a Git repository, where .gitignore contains /.jenkins_api_token, you might do something like:

api_token_file="$(git rev-parse --show-cdup).jenkins_api_token"
api_token=$(cat "$api_token_file" || true)
if [ -z "$api_token" ]; then
    echo
    echo "Obtain your API token from $JENKINS_URL/user/$user/configure"
    echo "After entering here, it will be saved in $api_token_file; keep it safe!"
    read -p "Enter your Jenkins API token: " api_token
    echo $api_token > "$api_token_file"
fi
curl -u $user:$api_token $JENKINS_URL/someCommand