Folder credentials not working when using tokenCredentialId

[PapoyEdits]

So I ask this not knowing if the plugin supports folder-scoped credentials, but I would assume/hope it does.

But the scenario I encountered is this:
I tried using a folder-scoped credential when defining my trigger in a Declarative Pipeline. But when sending the the request, I got a 404 response.

If I instead created the credential in the Global scope, it worked fine.

And I ran the job manually after applying changes and verified that the token credential id had been saved in the configuration.

Since we have a ****-ton of plugins, it is possible that one of those causes issues in this particular case. But the main question is if the plugin supports folder-credentials in the first place.

Version report

Jenkins and plugins versions report:

Jenkins: 2.277.4
OS: Linux - 4.18.0-305.12.1.el8_4.x86_64

pipeline-graph-analysis:1.11
jenkins-aws-conjur-credentials:1.1.0
docker-commons:1.17
scm-api:2.6.4
antisamy-markup-formatter:2.9-TBT
build-timeout:1.20
ssh-credentials:1.18.1
plain-credentials:1.7
amazon-ecr-plugin:2.0.0
matrix-project:1.18
jsch:0.1.55.2
ant:1.11
gradle:1.36
jquery-detached:1.2.1
ace-editor:1.1
pipeline-input-step:2.12
git-server:1.9
pipeline-stage-step:2.5
momentjs:1.1.1
pipeline-build-step:2.13
custom-tools-plugin:0.8
workflow-multibranch:2.24
authentication-tokens:1.4
pipeline-model-declarative-agent:1.1.1
workflow-basic-steps:2.23
aws-credentials:1.29
workflow-aggregator:2.6
durable-task:1.36
config-file-provider:3.8.0
workflow-cps-global-lib:2.19
pipeline-github-lib:1.0
mapdb-api:1.0.9.0
amazon-ecr:1.6
gatling:1.3.0
pam-auth:1.6
resource-disposer:0.15
javadoc:1.6
job-dsl:1.77
jquery:1.12.4-1
simple-theme-plugin:0.6
nexus-artifact-uploader:2.13
workflow-scm-step:2.12
caffeine-api:2.9.1-23.v51c4e2c879c8
pipeline-model-extensions:1.8.4
mstest:1.0.0
handlebars:3.0.8
workflow-job:2.41
pipeline-model-definition:1.8.4
msbuild:1.30
mailer:1.34
jobConfigHistory:2.27
tap:2.3
syslog-logger:1.0.5
node-iterator-api:1.5.0
ldap:2.7
ws-cleanup:0.39
analysis-core:1.96
sitemonitor:0.6
git-parameter:0.9.13
pipeline-milestone-step:1.3.2
ghprb:1.42.2
report-info:1.0
external-monitor-job:1.7
workflow-api:2.42
mail-watcher-plugin:1.16
parameterized-trigger:2.40
role-strategy:3.1.1
ownership:0.13.0
script-security:1.77
ansicolor:1.0.0
pipeline-stage-tags-metadata:1.8.4
apache-httpcomponents-client-4-api:4.5.13-1.0
h2-api:1.4.199
pipeline-model-api:1.8.4
dependency-check-jenkins-plugin:5.1.1
copyartifact:1.43.1
lockable-resources:2.11
saml:2.0.5
nodelabelparameter:1.8.1
ssh-slaves:1.31.5
groovy:2.4
run-condition:1.5
pipeline-maven:3.10.0
github-branch-source:2.10.4
powershell:1.5
envinject-api:1.7
envinject:2.4.0
zap:1.1.0
bouncycastle-api:2.20
aws-java-sdk:1.11.995
embeddable-build-status:2.0.3
extended-choice-parameter:0.82
jdk-tool:1.5
job-restrictions:0.8
cobertura:1.16
github-oauth:0.33
xshell:0.10
extended-read-permission:3.2
variant:1.4
handy-uri-templates-2-api:2.1.8-1.0
cloudbees-bitbucket-branch-source:2.9.9
git-changelog:3.3
snakeyaml-api:1.27.0
performance:3.19
token-macro:2.15
extra-columns:1.23
dependency-track:3.1.1
sidebar-link:1.12.0
blueocean-autofavorite:1.2.4
pubsub-light:1.14
blueocean-display-url:2.4.1
confluence-publisher:2.0.6
uno-choice:2.5.6
jackson2-api:2.12.3
sonar:2.13.1
maven-artifact-choicelistprovider:1.8.1
startup-trigger-plugin:2.9.3
build-monitor-plugin:1.12+build.201809061734
metrics:4.0.2.7
code-coverage-api:1.3.2
ssh-agent:1.22
throttle-concurrents:2.2
junit-attachments:1.6
conjur-credentials:1.0.2
structs:1.23
nodejs:1.4.0
git-client:3.7.2
postbuildscript:2.11.0
authorize-project:1.4.0
repository-connector:1.3.1
build-user-vars-plugin:1.7
favorite:2.3.3
jjwt-api:0.11.2-9.c8b45b8bb173
scoring-load-balancer:1.0.1
file-leak-detector:1.6
pipeline-github:2.7
github-api:1.123
webhook-step:1.4
htmlpublisher:1.25
blueocean-bitbucket-pipeline:1.24.7
cloudbees-folder:6.15
kubernetes-credentials:0.9.0
kubernetes-pipeline-devops-steps:1.6
kubernetes-pipeline-steps:1.6
kubernetes-pipeline-arquillian-steps:1.6
kubernetes-pipeline-aggregator:1.6
blueocean-pipeline-editor:1.24.7
cucumber-reports:5.5.0
codedeploy:1.23
jaxb:2.3.0.1
trilead-api:1.0.13
pipeline-utility-steps:2.8.0
workflow-durable-task-step:2.39
global-build-stats:1.5
build-metrics:1.3
jquery-ui:1.0.2
xframe-filter-plugin:1.2
audit-trail:3.8
blueocean-events:1.24.7
forensics-api:1.0.0
thinBackup:1.10
kubernetes-client-api:4.13.3-1
blueocean-i18n:1.24.7
oauth-credentials:0.4
blueocean:1.24.7
cloudbees-jenkins-advisor:3.3.1
workflow-cps:2.92
xunit:2.4.0
allure-jenkins-plugin:2.29.0
pipeline-githubnotify-step:1.0.5
okhttp-api:3.14.9
maven-plugin:3.11
monitoring:1.87.0
octopusdeploy:3.1.3
docker-workflow:1.26
google-oauth-plugin:1.0.5
text-finder:1.16
sse-gateway:1.24
timestamper:1.13
github:1.33.1
blueocean-config:1.24.7
folder-properties:1.2.1
parameterized-scheduler:1.0
support-core:2.74
dtkit-api:3.0.0
postgresql-api:42.2.5
blueocean-executor-info:1.24.7
email-ext:2.83
ec2:1.61
git:4.7.2
extensible-choice-parameter:1.7.0
blueocean-web:1.24.7
blueocean-pipeline-api-impl:1.24.7
blueocean-github-pipeline:1.24.7
display-url-api:2.3.5
lighthouse-report:1.1.0
credentials:2.5
blueocean-personalization:1.24.7
pipeline-rest-api:2.19
analysis-model-api:10.2.5
echarts-api:5.1.0-2
jacoco:3.2.0
kubernetes:1.29.6
warnings-ng:9.1.0
ansible:1.1
blueocean-commons:1.24.7
conditional-buildstep:1.4.1
blueocean-jwt:1.24.7
workflow-step-api:2.23
mercurial:2.15
workflow-support:3.8
http_request:1.9.0
generic-webhook-trigger:1.72
plugin-util-api:2.2.0
credentials-binding:1.25
font-awesome-api:5.15.3-2
popper-api:1.16.1-2
data-tables-api:1.10.23-3
jquery3-api:3.6.0-1
bootstrap4-api:4.6.0-3
blueocean-git-pipeline:1.24.7
command-launcher:1.6
subversion:2.14.2
windows-slaves:1.8
checks-api:1.7.0
blueocean-rest:1.24.7
browserstack-integration:1.2.3
blueocean-jira:1.24.7
branch-api:2.6.4
blueocean-pipeline-scm-api:1.24.7
pipeline-stage-view:2.19
jenkins-design-language:1.24.7
matrix-auth:2.6.7
blueocean-core-js:1.24.7
blueocean-rest-impl:1.24.7
blueocean-dashboard:1.24.7
jira:3.3
junit:1.49

• What Operating System are you using (both controller, and any agents involved in the problem)?

NAME="Red Hat Enterprise Linux"
VERSION="8.4 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.4"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.4 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8.4:GA"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/red_hat_enterprise_linux/8/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.4
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.4"

Reproduction steps

• 1. Create a Jenkins Folder
• 2. Create a Secret Text credential inside that folders store
• 3. Create a Pipeline in the folder using the created credential id
• 4. Trigger pipeline once manually to save/load the config
• 5. Send request to try and trigger the job (used Postman)
• 6. Create credential in Global Store
• 7. Change tokenCredentialId to use global credential
• 8. Repeat steps 4-5

pipeline { triggers { GenericTrigger( genericRequestVariables: [ [key: 'VAR', value: ''] ], tokenCredentialId: 'test-credential' ) } stages { stage('Test'){ steps { echo "$env.VAR" } } } }

Results

Expected result:

The job is triggered in both cases

Actual result:

When using Folder credential I get below 404 response, when using Global, it works as expected
{
"jobs": null,
"message": "Did not find any jobs with GenericTrigger configured! If you are using a token, you need to pass it like ...trigger/invoke?token=TOKENHERE. If you are not using a token, you need to authenticate like http://user:passsword@jenkins/generic-webhook... "
}

[tomasbjerre]

I was able to reproduce this, should be fixed in 1.75. Open issue again if any problems.