When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate remote API requests. See Authenticating scripted clients for more details.
Note: From Jenkins 2.96 onward, you can use an API token and avoid using a crumb / CSRF token.
If your Jenkins uses the "Prevent Cross Site Request Forgery exploits" security option (which it should), when you make a
POST request, you have to send a CSRF protection token as an HTTP request header.
For curl/wget you can obtain the header needed in the request from the URL
.../api/json). Something like this: