Jenkins Security Concepts
Jump to navigation
Jump to search
Internal
Credentials Management
A summary of credentials managed by a Jenkins instance is available from Jenkins -> Credentials.
Credentials Plugin
Credential Type
Username with Password
Docker Certificates Directory
Docker Host Certificate Authentication
SSH Username with Private Key
Secret File
Secret Text
Certificate
Credential Domain
Credential Provider
A credential provider connects Jenkins to an external credential vault.
Jenkins Credentials Provider
Managed by the Credentials Plugin. Provides credentials from the root of Jenkins. Credentials will be available to:
- Authentication: SYSTEM
- Users with permission: Job/Configure
Credentials will be available in:
- Global scoped credentials be available to all items within Jenkins.
- System scoped credentials restricted to system level operations such as connecting build agents.
User Credentials Provider
Managed by the Credentials Plugin. Provides each user with a personal credential store. Credentials will be available to:
- Immediate operations performed by the user who defined the credentials.
- Jobs with credentials parameters when directly triggered by a user with the permission: Job/Build.
- Jobs running as the user and the user has the permission: Job/Build.