Example of Role-based Authorization Strategy in Jenkins.

We will learn here to use a Role-based Authorization Strategy to assign a role and provide limited permissions to a user. You should have the plugin installed in your Jenkins or you can see here, how to install it.



There is going to be a Jenkins user named “tester” for a tester and we will have to assign some permissions as follows:

✔  He/She should have Build, Configure, Cancel and View type of permissions on Jenkins jobs which start from “tester-” name.

✔  And for the rest of the other Jobs, there should be only Read only permission. (He/She should not be able to build, cancel or configure the job).


Step 1. Create some demo Jenkins Job.

To test the Role-based plugin we will create two demo projects named tester-demo1 and tester-demo2


Step 2. Now create a user tester.

✔  Go to Manage Jenkins > Manage Users.

✔  Click on Create User at the left side of the Manage Users screen.

✔  Fill in all the necessary details and click on Create User button.

✔  Your new user has been created. (In this case, the user is a tester).


Step 3. Creating roles for the new user

✔  Go to Manage Jenkins > Manage and Assign Roles.



✔  Click on Manage Roles.


1. Global Role: to set the permission of all the Jenkins  Jobs

✔  Create Global roles and name them as “tester”.

✔  Next, give the permissions (Read-Only) for all the project by checking the following options:

    • Overall – Read
    • Job – Read


2. Item Role: To set permission for a specific Jenkins job.

✔  Below Global Role, create an Item Role

✔  add “tester-jobs” in Role to add blank and

✔  tester.* in Pattern black to select the specific Jenkins Jobs which starts with tester word.



✔  Now, give the required permission to meet the scenario objective mentioned above.

✔  Permission is as follows:

    • Job – Build, Cancel, Configure and Read




✔  Save the configurations.


Step 4. Assigning Roles to the new user

✔  Click on the Assign Roles.

✔  Under Global roles, add a user (name of the user created in Step 2.) named tester.

✔  Check the tester role (Global Role created in Step 3.) for the tester users.




✔  Next, add a user, named tester (name of the user created in Step 2.) under Item Role.

✔  Now, check the tester-job role (Item Role created in Step 3) for the tester user.




✔  Save the configurations.

Step 5. Check the permission of the new user.

✔  Logout from the admin user.

✔  Login with tester user.

✔  All the jobs/projects are visible on the dashboard.




✔  Next, open any job starting with the tester word.




✔  The project has the permissions to Read, Build, Configure and cancel.

✔  Now, open a job different job that doesn’t start with a word tester.




✔  There is no permission other than Read-only.



This concludes that we have successfully provided the specific sets of permissions to a new user.



Create a user for a tester with the following permissions:

✔  He/She should have Build, Cancel, and View type of permissions on Jenkins jobs which start from the “tester” name.

✔  He/She cannot see other projects in its dashboard.