Jenkins: 403 No valid crumb was included in the request

Question

I configured jenkins in spinnaker as follows and setup spinnaker pipeline.

 jenkins:
    # If you are integrating Jenkins, set its location here using the bas         


        

Answer 1

I have ran into the same issue. I have only refresh my browser, log back in to Jenkins, do the same process and everything worked.

Answer 2

Crumb is nothing but access-token. Below is the api to get the crumb

https://jenkins.xxx.xxx.xxx/crumbIssuer/api/json // replace it with your jenkins url and make a GET call in your postman or rest-api caller.

This will generate output like :

{
    "_class": "hudson.security.csrf.DefaultCrumbIssuer",
    "crumb": "ba4742b9d92606f4236456568a",
    "crumbRequestField": "Jenkins-Crumb"
}

Below are more details and link related to same: How to request for Crumb issuer for jenkins Jenkins wiki page : https://wiki.jenkins-ci.org/display/jenkins/remote+access+api

If you are calling the same via rest-api call, checkout the below link where it is explained how to call rest call using jenkins-crumb

https://blog.dahanne.net/2016/05/17/how-to-update-a-jenkins-job-posting-config-xml/

Example :

curl -X POST http://anthony:anthony@localhost:8080/jenkins/job/pof/config.xml --data-binary "@config.xml" -data ".crumb=6bbabc426436b72ec35e5ad4a4344687"

Answer 3

First create a user API token by going to user-->API Token-->Add new token.

Then use the below script for triggering.

import jenkins,requests
job_name='sleep_job'
jenkins_url = "http://10.10.10.294:8080"
auth = ("jenkins","1143e7efc9371dde2e4f312345bec")
request_url = "{0:s}/job/{1:s}/buildWithParameters".format(jenkins_url, 
job_name, )
crumb_data = requests.get("{0:s}/crumbIssuer/api/json".format(jenkins_url), 
auth=auth, ).json()
headers = {'Jenkins-Crumb': crumb_data['crumb']}
jenkins_job_params={}
jenkins_job_params['NODE_NAME']='10_10_1_29'
jenkins_job_params['SLEEP_TIME']='1h'
response = requests.post(request_url, data=jenkins_job_params, auth=auth, )
response.raise_for_status()

Answer 4

To resolve this issue I unchecked "Prevent Cross Site Request Forgery exploits" in jenkins.com/configureSecurity section and it started working.

Answer 5

Since this question is the first SO link when searching for "No valid crumb was included in the request" in Google, I think it's worth mentioning that the same error is generated if you omit/forget the Authorization HTTP header or use a blank username/password:

Relevant error messages related to the Authorization header are only generated when a value is passed:

And, yes, the crumb passed in the first screenshots is actually valid; everything works with the correct username/password:

So, not sure if that's a bug or not, but "No valid crumb was included in the request" could also mean you accidentally forgot the Authorization header.

Jenkins 2.222.3, Ubuntu Server 20.04, Java Runtime 1.8.0_252-8u252-b09-1ubuntu1-b09

Answer 6

I am running with reverse proxy with nignx. Changed jenkins option in the "Configure Global Security" that "Enable proxy compatibility" This fixed with my issue.