Managing Jenkins API Tokens

The problem

Api Tokens are like user passwords, except they are always managed by Jenkins (even if you're using an external authentication scheme), and can only be used for "API" actions (e.g. using curl).
The storage scheme of these tokens is a little weird - the stored value is hashed …

more ...