Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 30 Next »

Jenkins provides machine-consumable remote access API to its functionalities. Currently it comes in three flavors:

  1. XML
  2. JSON with JSONP support
  3. Python

Remote access API is offered in a REST-like style. That is, there is no single entry point for all features, and instead they are available under the ".../api/" URL where "..." portion is the data that it acts on.

For example, if your Jenkins installation sits at, visiting will show just the top-level API features available – primarily a listing of the configured jobs for this Jenkins instance.
Or if you want to access information about a particular build, e.g., then go to and you'll see the list of functionalities for that build.

The work on this front is ongoing, so if you find missing features, please file an issue.

What can you do with it?

Remote API can be used to do things like these:

  1. retrieve information from Jenkins for programmatic consumption.
  2. trigger a new build
  3. create/copy jobs

Submitting jobs

For a job with no parameters, you need merely go an HTTP GET on


where TOKEN is set up in the job configuration.

If you have parameters, you need to send JSON. Here's a snipped of shell, with
a few extra newlines to be more readable.

json="{\"parameter\": [{\"name\": \"taskfile\", \"value\": \"$taskfile\"},
{\"name\": \"task\", \"value\": \"$task\"},
{\"name\": \"jobParameters\", \"value\": \"$jobargs\"}], \"\": \"\"}"

curl -X POST $url -d token=zorn --data-urlencode json="$json"

Remote API and security

When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate remote API requests. See Authenticating scripted clients for more details.

CSRF Protection

If your Jenkins uses the "Prevent Cross Site Request Forgery exploits" security option (which it should), when you make a POST request, you have to send a CSRF protection token as an HTTP request header.
For curl/wget you can obtain the header needed in the request from the URL http://server/jenkins/crumbIssuer/api/xml (or /api/json). Something like this:

wget -q --output-document - \

This will print something like ".crumb:1234abcd", which you should add to the subsequent request.

Sample code

A simple client is available to demonstrate how you can invoke the XML from Java (Java source)

XPath selection

The XML API supports a selection by XPath by using the query parameter 'xpath'. This is convenient for extracting information in environments where XML manipulation is tedious (such as shell script.) See issue #626 for an example of how to use this.
See .../api/ on your Jenkins server for more up-to-date details.

XPath exclusion

Similar to the 'xpath' query parameter above, you can use (possibly multiple) 'exclude' query patterns to exclude nodes from the resulting XML. All the nodes that match the specified XPath will be removed from the XML.
See .../api/ on your Jenkins server for more up-to-date details.

Depth control

Sometimes the remote API doesn't give you enough information in one call. For example, if you'd like to find out all the last successful build of a given view, you'd realize that the invocation to the remote API of the view won't give you this, and you'd have to recursively call the remote API of each project to find this out. The depth control, introduced in 1.167, solves this problem. To understand this feature, it's good to start with how the remote API works.

The data model that Jenkins maintains internally can be thought of as a big tree structure, and when you make a remote API call, you are getting a small subtree of it. The subtree is rooted at the object for which you made a remote API call, and the sub-tree is cut beyond certain depth to avoid returning too much data. You can adjust this cut-off behavior by specifying the depth query parameter. When you specify a positive depth value, the subtree cut-off happens that much later.

So the net result is, if you specify a bigger depth value, you'll see that the remote API will now return more data. Because of the algorithm, this works in such a way that the data returned by a bigger depth value includes all the data returned by smaller
depth value.

See .../api/ on your Jenkins server for more up-to-date details.

Python API wrappers

JenkinsAPI is an object-oriented python wrapper for the Python REST API which aims to provide a more conventionally pythonic way of controlling a Jenkins server. It provides a higher-level API containing a number of convenience functions. Services offered currently include:

  • Query the test-results of a completed build
  • Get a objects representing the latest builds of a job
  • Search for artefacts by simple criteria
  • Block until jobs are complete
  • Install artefacts to custom-specified directory structures
  • username/password auth support for jenkins instances with auth turned on
  • Ability to search for builds by subversion revision
  • Ability to add/remove/query jenkins slaves

Detecting Jenkins version

To check the version of Jenkins, load the top page (or, as of 1.483, any /api/* page too) and check for the X-Jenkins response header. This contains the version number of Jenkins, like "1.404" This is also a good way to check if an URL is a Jenkins URL.

Discovering Jenkins on the network

Jenkins instances listen on UDP port 33848. Whenever a UDP packet is received, it will respond with a short XML fragment that shows the connection information. This XML has the following format:

  <version>1.380</version>           <!-- version of Jenkins -->
  <url>http://somwhere/jenkins/</url> <!-- HTTP URL. Not available if not configured -->
  <slave-port>12345</slave-port>     <!-- if TCP slave listener port is configured, its number -->

By using this, a client can use a UDP broadcast to try to discover nearby Jenkins instances. This is primarily useful for Swarm Plugin.

  • No labels