Jenkins — How to create Users + Manage + Assign Roles (Part 2)

In this tutorial, we are going to learn How to do simple configurations for Jenkins. Here are the points which I am going to explain in this tutorial.

  • How to create new Users?
  • How to configure Users?
  • How to create new Roles?
  • How to assign users to Roles?
  • How to control user access on Projects?

First of all, make sure whether your Jenkins server is up and running. Please go through my previous tutorial for getting up and running the Jenkins server.

Once you run the Jenkins server it will start on default 8080 port. Go to the browser and type http://localhost:8080/.

Login screen

Use “admin” as the username and give the auto-generated password which we get in the previous tutorial.

Admin user is the default user which is created as soon as you are installed, Jenkins.

How to create new Users?

If you want to create a new User in Jenkins you need to go to

Manage Jenkins-> Manage Users
Add New User steps

As of now, you can see there is one User called Admin. If you want to create new Users click Create User option.

Manage User option

Then you just need to give Username, Password, and Full Name. Enter those details and click Create User button.

Create New User

User1 is created. Here I am creating another user which is called User2.

Now let us try to login using any of these newly created Users.

Username of the Logged User

Success!

How to configure Users?

On the right top corner, there is the Username. Besides that, there is a dropdown. Just go to the “Configure” option. Now here you will come to the configure window of Jenkins for the particular User. Here you can,

  • Change the Username
  • Add any Description
  • Get the API token for the specific User
  • Change your Password
  • Can set any public-key authentication
Configure Users

How to create new Roles?

In general, we can define roles to every user. For example, Admin User has all the roles such as defining roles, create Users, configure the system, give access to the projects, and so on. The manager only can view the projects. Developers should be able to do make changes to the specific project and Testers should be able to access only to the Testing projects. So how can we manage that? To do that we have a plugin called Roles Strategy plugin.

To get this plugin there are 2 ways,

  • Manually download plugin
  • Download and install via Jenkins

If you are willing to download and install manually use this link to download the plugin.

After downloading the plugin you need to add it to the C:\Program Files (x86)\Jenkins\plugins folder. Then just restart the Jenkins server.

But we can download and install the plugin using Jenkins itself. Go to

Manage Jenkins -> Maganage Plugins

Just go to the Available section and search Roles Strategy plugin. Then this plugin will be listed out here then click on Download now and install after restart. I am not getting this here in the picture because I have already installed the plugin and it is inside the Installed section. Also, you can upload the plugin which is already installed in the previous section. Just go to the Advanced section and choose the file to upload the plugin.

Now I have already installed the plugin. Let’s see how to use it. Goto

Manage Jenkins -> Configure Global Security 

In the Authorization section, you will now find a Role-based Strategy (This option only comes after that the plugin is installed and Jenkins is restarted). You have to select that. Click Apply and Save.

Select Role-based Strategy

Okay Cool!. Now let’s login as a User1 and see what happens.

Now, User1 cannot access to the Jenkins because we are now using Role-based Strategy. We need to define a role to this User.

User1 missing the Overall read permissions

Let me log in as an Admin and define Roles and assign them to Users.

Now go to,

Manage Jenkins -> Manage and Assign Roles -> Manage Roles 

NOTE: This will get only after you select the Role-Based Strategy in the Authorization section.

Here you can see 2 roles to define.

Global Roles — Provide authorization and access to the Global Level. I can add the Role name as “employee” and I can control what access I need to give this role. I want that employee should have overall read access and overall view access.

Employee role access

Item Roles — Provide roles specific to a project. I am adding a role called developer and add a pattern like Dev.* in this section. What does this pattern mean is when a person who is having a role as a developer should be able to access the projects which have their name starting like Dev. Now he is not able to view or make changes to any other projects. Furthermore, I am adding a tester Role and add a pattern like Test.*also. Give all the Job permissions to them.

Now let’s assign the roles to our already created Users.

How to assign users to Roles?

Go to,

Manage Jenkins -> Manage and Assign Roles -> Assign Roles

Like the Manage Roles section, there are 2 sections.

  • Global Roles — Please add User1 and User2 to the Global Roles. And select the employee role to both users.
Assigning Global Roles
  • Project Roles — Please add User1 and User2 to the Item Roles and assign User1 as a Developer and User2 as a Tester.
Assigning Item Roles

How to control user access on Projects?

Now we have created all the roles and we assigned them to Users. Let’s create 2 projects and check the access according to the Users. Go to,

New Item -> Enter an Item Name 

Just create 2 Freestyle projects called DevProject1 and TestProject1.

DevProject1

Now you can see already created 2 projects in the Dashboard.

Project Dashboard

As you can remember User1 as a Developer can only access the projects which are having the name starting like “Dev”. Also, User2 as a Tester can only access the projects which are having the name starting like “Test”. Let us now validate that. Test log in as User1 and User2.

User1 — Kasun Dissanayake (Developer)

User1 Access

Here you can see this user only can access the DevProject1 and he does not have any access to the Manage Jenkins menu.

User2— Dulmina Renuke (Tester )

User2 Access

Here you can see this user only can access the TestProject1 and he does not have any access to the Manage Jenkins menu.

So this is all about the Create Users, Manage Users, Assign Roles to the Users and Control Authentication and Authorization in Jenkins. I hope you will get a great understanding of Jenkins.

Thank You!

Software Engineer at Pearson Lanka || Former Associate Software Engineer at hSenid Software International