I am using Jenkins Login with Openid Connect (Amazon Cognito). I am able to use group-based authorization. I can see my groups in Granted Authorities: authenticated,<cognito group>
But when I try making API call, it gives me a "403" error saying "Missing overall read permissions".
I am using API token created using <Jenkins url>/configure/me
It is only allowing in case I give "Read" access to the anonymous group in Jenkins, which I couldn't give in my production environment.
Jenkins is not able to read neither SSO users authorized in groups nor in the authenticated group.
|Field||Original Value||New Value|
|Assignee||Isha Garg [ isha2504 ]||Daniel Beck [ danielbeck ]|
|Component/s||matrix-auth-plugin [ 18131 ]|
|Component/s||matrix-project-plugin [ 18765 ]|
|Assignee||Daniel Beck [ danielbeck ]|