Cannot access crumbIssuer with anonymous access turned off without passing authentication parameters?

[Eric B]

I have enabled CSRF in Jenkins with the Default Crumb Issuer enabled.  I have disabled all anonymous access to my instance of Jenkins.

I am looking to make an API call to trigger a build using a Token.  This API is a POST method and consequently, I need to first retrieve a bread crumb.  However the /crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb) rejects any non-authenticated requests.

Is there anyway to make the crumbIssuer endpoint open to anonymous access?  I would like to retrieve the crumb that is needed for the POST without needing to pass a user's credentials.

I reopened JENKINS-31515 with respect to this exact issue.

Is something like this even feasible?

Thanks,

Eric