OKTA with Jenkins

We installed OKTA with Jenkins server (on ubuntu), since we implemented it our clients/slaves stop working , we use Jenkins-Swarm package that installed node and establish connection with Master, BTW - the clients are spot instances (AWS) and not part of Domain to use OKTA.

Is it possible to exclude user from OKTA, or exclude machines/IP range from OKTA?

tried to use other user that is not part of DOMAIN but defined in Jenkins authenticated user

java -jar swarm-client-2.0-jar-with-dependencies.jar -master http://zzzzzz:8080/ -username XXXX-password XXXX -mode "exclusive" -labels "AGENTS_LABEL_11

Error got in client: Discovering Jenkins master Attempting to connect to http://jenkins:8079/ aeac4e35-fe09-4da7-bb5c-579658910ff5 Could not obtain CSRF crumb. Response code: 404 Nov 3, 2014 5:19:48 PM org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme INFO: basic authentication scheme selected Nov 3, 2014 5:19:48 PM org.apache.commons.httpclient.HttpMethodDirector processWWWAuthChallenge INFO: Failure authenticating with BASIC 'Jenkins'@jenkins:8079 Failed to create a slave on Jenkins CODE: 401 Retrying in 10 seconds





  • 1
    Daniel Dold

    Hi Eyal,

    I think you are asking the question in the wrong section. This is for DevOptics specific questions.

    You could have more luck asking this in the Questions & Answers section.




  • 0
    Pierre Beitz

    Hello Eyal,

    Your case seems a bit complex. From the information you shared, here are a couple of observations:

    * it looks like you use version 2 of the swarm plugin, which dates back to 2015 to connect your agents.

    * somehow the connection attempt of an agent ends up with a 401 error code (not sure why, it looks like there is an issue retrieving the crumb).


    This leads me to formulate the following hypothesis: somehow while you setup OKTA integration something got changed in your master configuration (plugin update? setting?) that lead to this situation. The fact that you are using a 4 years old swarm plugin makes me think that possibly something got updated that made this old plugin incompatible.

    This is obviously a guess as I don't have the full picture. In case you are a customer, please open a ticket and attach a full support bundle for review.




  • 0
    Eyal Cohen

    Hi Pierre
    It was my mistake when I by mistake copy that error from Google search, but I have the same error, anyhow I found that the URL changed by okta,so I have to double check it again since now got Jenkins error ... I think, thanks Eyal

Please sign in to leave a comment.