How can a Jenkins controller administer its own users?


  • Jenkins controller manage its own users


  • CloudBees Jenkins Enterprise (CJE)
  • CloudBees Jenkins Operation Center (CJOC)


An administrator for the JOC would need to configure the controller to allow it to opt-out of the security settings. By doing so, the controller will lose Single-Sign On capabilities with the JOC and have separate credentials to log on to other controllers.

  • Manage Jenkins -> Configure Global Security or http://$JOC_ADDRESS:$JOC_PORT>/configureSecurity/

    • Select the checkbox “Allow client controllers to opt-out” under Client controller security

    Allow client controllers to opt-out

  • Configure the controller http://$JOC_ADDRESS:$JOC_PORT/job/$MASTER_NAME/configure

    • Select the checkbox “Opt-out” under Security Setting Enforcement


  • On the controller, go to Manage Jenkins -> Configure Global Security or http://$JE_ADDRESS:$JE_PORT/configureSecurity/

    • Select the button for “Jenkin’s own user database” under Security Realm

    Configure users

  • It is optional to have “Allow users to sign up” checked. If this is unchecked, the admin for the controller will need to create the users manually.

Have more questions?


Please sign in to leave a comment.