While creating a webhook for connecting to Jenkins I am getting the following issues:
403 View details
Cache-Control: must-revalidate,no-cache,no-store Server: Jetty(10.0.11) X-Content-Type-Options: nosniff Content-Length: 575 Date: Wed, 11 Jan 2023 09:08:26 GMT Via: 1.1 localhost (Apache-HttpClient/4.5.13 (cache)) Content-Type: text/html; charset=ISO-8859-1
<html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 403 No valid crumb was included in the request</title> </head> <body><h2>HTTP ERROR 403 No valid crumb was included in the request</h2> <table> <tr><th>URI:</th><td>//bitbucket-scmsource-hook//notify//</td></tr> <tr><th>STATUS:</th><td>403</td></tr> <tr><th>MESSAGE:</th><td>No valid crumb was included in the request</td></tr> <tr><th>SERVLET:</th><td>Stapler</td></tr> </table> <hr/><a href="https://eclipse.org/jetty">Powered by Jetty:// 10.0.11</a><hr/> </body> </html>
Hey Ravi_Ramachandra,
Good day!
Could you please install the plugin Build Authorization Token Root and rewrite the Webhook URL? It should work with the new URL.
https://plugins.jenkins.io/build-token-root/
Hey @Ravi_Ramachandra ,
Welcome to Atlassian Community!
Based on the error
No valid crumb was included in the request
I think the issue might be caused by a configuration on your Jenkins Instance. I believe you should have the flag Prevent Cross-Site Request Forgery exploits marked on your Jenkins configurations.
This particular setting will make Jenkins expect any webhook request to include a crumb header, like the below example :
--header "Jenkins-Crumb: <crumb>"
However, Bitbucket Cloud does not include that crumb header and we are not able to add these with our webhooks payloads, which makes the request fails with a 403.
In this case, if you are able to disable this setting on your Jenkins configuration, the webhooks should be delivered successfully. I would suggest taking a look at this thread with instructions on how to disable this setting in Jenkins :
Hope that helps! Let me know if you have any questions.
Patrik S
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.