Unfortunately, disabling the CLI isn't an option for our installations just now. We configure most things through the Script Console as well, but we automate this via the Chef Jenkins Cookbook, which leverages the CLI to interact with the running installation.
Previously, when using the GitHub OAuth authentication scheme, CLI authentication was untouched. So we've used the technique of creating a local Jenkins administration account, and setting up a key for the CLI to use for authentication during Chef runs (–username and --password aren't required for that use case). That worked pretty well up to release 0.25 of the plugin.
I think the addition of authenticating the CLI via API key is a great addition, but it'd be nice if it delegated to the default CLI authorization model if what was passed wasn't an API key (a --username and --password for a local admin are probably another use case here).
Anyhow, upshot for now is that folks using the Chef Jenkins community cookbook are in some sadness if they want to upgrade to 0.26 of your fine plugin. (Andhey— thanks for picking up maintenance of it! I, for one, appreciate the great job you're doing.)