Once you have defined how to identify your users, you need to decide what they are allowed to do. Jenkins supports a variety of strategies in this area, ranging from a simple approach where a logged-in user can do anything to more involved roles and project-based authentication strategies.
Letting signed-in users do anything is certainly flexible, and may be all you need for a small team. For larger or multiple teams, or cases where Jenkins is being used outside the development environment, a more sophisticated approach is generally required.
Matrix-based security is a more sophisticated approach, where different users are assigned different rights, using a role-based approach.
The first step in setting up matrix-based security in Jenkins is to create an administrator. This is an essential step, and must be done before all others. Now your administrator can be an existing user, or one created specially for the purpose. If you want to create a dedicated administrator user, simply create one by signing up in the usual way (see Figure 7-2). It doesn’t have to be associated with an SCM user.
Once you have your admin user ready, you can activate matrix-based security by selecting “Matrix-based security” in the Authorization section of the main configuration page. Jenkins will display a table containing authorized users, and checkboxes corresponding to the various permissions that you can assign to these users ...