Find plugins

OpenId Connect Authentication
1.3Minimum Jenkins requirement: 1.580.1ID: oic-auth


Allows users to authenticate using self hosted or public openid connect providers

Open Tickets (bugs and feature requests)





  • Bugfix for regression, breaks on absent expires_in


  • Local Login / escape hatch
  • Fix JEP-200 compatibility
  • Added test harness
  • Using role-based permissions
  • Fix for 1.1 breaking on existing configuration and configuration saving issues
  • Add groups at login if provided in the idToken as an array of strings
  • Exception with Azure authority needs testing
  • Patched TokenResponse of the google oauth-client for better compatibility with openid provider implementations
  • On Logout have the option to log out of OpenId Provider
  • Friendlier error when the user declines authorization


  • fix save not resetting userNameField and scopes to default values bug / User name field value not being updated
  • Add new setting to disable sslVerification - for testing purposes enhancement
  • Support OIDC UserInfo Endpoint enhancement


initial release


Configuration of this plugin takes a bit of effort as it requires some knowledge of the openid connect standard as well as the non-standard configuration of the various identity providers out there. Should you configure this plugin against a identity provider then please share your experiences and found caveats through a blog post or by adding it to the wiki.

Also note that the spec describes a wel known configuration location which will also help discovering your settings (https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig)

Using the plugin with Azure AD

See this blog post http://www.epiclabs.io/configure-jenkins-use-azure-ad-authentication-openid-connect/

ArchivesGet past versions