Our Jenkins pipeline is aborting during the compliance validation stage when trying to validate requirements against our corporate compliance rules. The Jenkins Polarion plugin runs the bulk validation API call but returns validation failures for rules that should pass.
We’re using pol-2406 with the latest Jenkins plugin version. The service account has read access to compliance rules, but I’m wondering if there’s a permission issue with the bulk validation endpoint itself.
POST /polarion/rest/v1/projects/PROJ/compliance/validate
Response: 403 Forbidden - Insufficient permissions for bulk validation
This is blocking our compliance reporting workflow. Has anyone encountered permission issues with compliance rule configuration when calling the validation API from CI pipelines?
One thing to add - if you’re using SSO or LDAP authentication for the service account, make sure the account isn’t subject to interactive login requirements. Service accounts used by CI tools should have allowAPIAccess=true and requireInteractiveAuth=false in the user configuration. I’ve seen cases where the authentication succeeds but authorization fails due to session token issues.
The 403 error suggests your service account lacks the specific permission for bulk compliance operations. Regular read access to compliance rules isn’t enough - you need the compliance-validator role assigned to the service account in Polarion’s project settings.
I had the exact same issue last month. Check your Jenkins plugin configuration - the service account credentials need to be configured at the global Jenkins level, not just in the pipeline script. Also verify the account has API access enabled in Polarion user management.