diff --git a/go.mod b/go.mod
index 609739436..66f021052 100644
--- a/go.mod
+++ b/go.mod
@@ -20,8 +20,9 @@ require (
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.4.0
 	go.uber.org/zap v1.10.0
-	golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271
-	golang.org/x/tools v0.0.0-20200210192313-1ace956b0e17 // indirect
+	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
+	golang.org/x/net v0.0.0-20200226121028-0de0cce0169b
+	golang.org/x/tools v0.0.0-20200426102838-f3a5411a4c3b // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df
 	k8s.io/api v0.0.0
diff --git a/go.sum b/go.sum
index 612fd8444..769dc2284 100644
--- a/go.sum
+++ b/go.sum
@@ -652,6 +652,7 @@ github.com/xiang90/probing v0.0.0-20160813154853-07dd2e8dfe18/go.mod h1:UETIi67q
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xlab/handysort v0.0.0-20150421192137-fb3537ed64a1/go.mod h1:QcJo0QPSfTONNIgpN5RA8prR7fF8nkF6cTWTcNerRO8=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yvasiyarov/go-metrics v0.0.0-20150112132944-c25f46c4b940/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs=
 github.com/yvasiyarov/gorelic v0.0.6/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA=
 github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg=
@@ -696,10 +697,15 @@ golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTk
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190409202823-959b441ac422 h1:QzoH/1pFpZguR8NrRHLcO6jKqfv2zpuSqZLgdm7ZmjI=
 golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee h1:WG0RUwxtNT4qqaXX3DPA8zHFNm/D9xaBpxzHt1WcA/E=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180112015858-5ccada7d0a7b/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -730,6 +736,8 @@ golang.org/x/net v0.0.0-20190812203447-cdfb69ac37fc/go.mod h1:mL1N/T3taQHkDXs73r
 golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271 h1:N66aaryRB3Ax92gH0v3hp1QYZ3zWWCCUR/j8Ifh45Ss=
 golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b h1:0mm1VjtFUOIlE1SbDlwjYaDxZVDP2S5ou6y0gSgXHu8=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -800,11 +808,17 @@ golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgw
 golang.org/x/tools v0.0.0-20190624180213-70d37148ca0c/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
 golang.org/x/tools v0.0.0-20191018212557-ed542cd5b28a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200210192313-1ace956b0e17 h1:a/Fd23DJvg1CaeDH0dYHahE+hCI0v9rFgxSNIThoUcM=
 golang.org/x/tools v0.0.0-20200210192313-1ace956b0e17/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20200426102838-f3a5411a4c3b h1:zSzQJAznWxAh9fZxiPy2FZo+ZZEYoYFYYDYdOrU7AaM=
+golang.org/x/tools v0.0.0-20200426102838-f3a5411a4c3b/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898 h1:/atklqdjdhuosWIl6AIbOeHJjicWYPqR9bpxqxYG2pA=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gomodules.xyz/jsonpatch/v2 v2.0.1 h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0=
 gomodules.xyz/jsonpatch/v2 v2.0.1/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU=
 gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0=
diff --git a/pkg/apis/jenkins/v1alpha2/jenkins_types.go b/pkg/apis/jenkins/v1alpha2/jenkins_types.go
index 1e9eca806..07e0bd8d4 100644
--- a/pkg/apis/jenkins/v1alpha2/jenkins_types.go
+++ b/pkg/apis/jenkins/v1alpha2/jenkins_types.go
@@ -527,6 +527,8 @@ const (
 	BasicSSHCredentialType JenkinsCredentialType = "basicSSHUserPrivateKey"
 	// UsernamePasswordCredentialType define username & password Jenkins credential type
 	UsernamePasswordCredentialType JenkinsCredentialType = "usernamePassword"
+	// ExternalCredentialType defines other credential type
+	ExternalCredentialType JenkinsCredentialType = "external"
 )
 
 // AllowedJenkinsCredentialMap contains all allowed Jenkins credentials types
@@ -534,6 +536,7 @@ var AllowedJenkinsCredentialMap = map[string]string{
 	string(NoJenkinsCredentialCredentialType): "",
 	string(BasicSSHCredentialType):            "",
 	string(UsernamePasswordCredentialType):    "",
+	string(ExternalCredentialType):            "",
 }
 
 // SeedJob defines configuration for seed job
diff --git a/pkg/controller/jenkins/configuration/base/label.go b/pkg/controller/jenkins/configuration/base/label.go
index c53401c4e..5a37fc04c 100644
--- a/pkg/controller/jenkins/configuration/base/label.go
+++ b/pkg/controller/jenkins/configuration/base/label.go
@@ -57,4 +57,3 @@ func (r *ReconcileJenkinsBaseConfiguration) addLabelForWatchesResources(customiz
 	}
 	return nil
 }
-
diff --git a/pkg/controller/jenkins/configuration/base/plugin.go b/pkg/controller/jenkins/configuration/base/plugin.go
index f7c63a0b7..7d530b2a0 100644
--- a/pkg/controller/jenkins/configuration/base/plugin.go
+++ b/pkg/controller/jenkins/configuration/base/plugin.go
@@ -8,9 +8,8 @@ import (
 	"github.com/jenkinsci/kubernetes-operator/pkg/controller/jenkins/plugins"
 	"github.com/jenkinsci/kubernetes-operator/pkg/log"
 
-	stackerr "github.com/pkg/errors"
 	"github.com/bndr/gojenkins"
-
+	stackerr "github.com/pkg/errors"
 )
 
 func (r *ReconcileJenkinsBaseConfiguration) verifyPlugins(jenkinsClient jenkinsclient.Jenkins) (bool, error) {
diff --git a/pkg/controller/jenkins/configuration/base/pod.go b/pkg/controller/jenkins/configuration/base/pod.go
index 9a1bb7600..63803f129 100644
--- a/pkg/controller/jenkins/configuration/base/pod.go
+++ b/pkg/controller/jenkins/configuration/base/pod.go
@@ -1,8 +1,8 @@
 package base
 
 import (
-	"fmt"
 	"context"
+	"fmt"
 	"reflect"
 
 	"github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2"
@@ -140,8 +140,6 @@ func (r *ReconcileJenkinsBaseConfiguration) checkForPodRecreation(currentJenkins
 	return reason.NewPodRestart(reason.OperatorSource, messages, verbose...)
 }
 
-
-
 func (r *ReconcileJenkinsBaseConfiguration) ensureJenkinsMasterPod(meta metav1.ObjectMeta) (reconcile.Result, error) {
 	userAndPasswordHash, err := r.calculateUserAndPasswordHash()
 	if err != nil {
@@ -222,4 +220,3 @@ func (r *ReconcileJenkinsBaseConfiguration) ensureJenkinsMasterPod(meta metav1.O
 
 	return reconcile.Result{}, nil
 }
-
diff --git a/pkg/controller/jenkins/configuration/base/rbac.go b/pkg/controller/jenkins/configuration/base/rbac.go
index 890d00326..1207793a8 100644
--- a/pkg/controller/jenkins/configuration/base/rbac.go
+++ b/pkg/controller/jenkins/configuration/base/rbac.go
@@ -89,5 +89,3 @@ func getExtraRoleBindingName(serviceAccountName string, roleRef rbacv1.RoleRef)
 	}
 	return fmt.Sprintf("%s-%s-%s", serviceAccountName, typeName, roleRef.Name)
 }
-
-
diff --git a/pkg/controller/jenkins/configuration/base/reconcile.go b/pkg/controller/jenkins/configuration/base/reconcile.go
index a27bd41fc..e2679ad70 100644
--- a/pkg/controller/jenkins/configuration/base/reconcile.go
+++ b/pkg/controller/jenkins/configuration/base/reconcile.go
@@ -229,8 +229,6 @@ func (r *ReconcileJenkinsBaseConfiguration) calculateUserAndPasswordHash() (stri
 	return base64.StdEncoding.EncodeToString(hash.Sum(nil)), nil
 }
 
-
-
 func compareImagePullSecrets(expected, actual []corev1.LocalObjectReference) bool {
 	for _, expected := range expected {
 		found := false
diff --git a/pkg/controller/jenkins/configuration/base/resources/service.go b/pkg/controller/jenkins/configuration/base/resources/service.go
index 72b7c5511..44a2b348a 100644
--- a/pkg/controller/jenkins/configuration/base/resources/service.go
+++ b/pkg/controller/jenkins/configuration/base/resources/service.go
@@ -96,4 +96,4 @@ func isRunningInCluster() (bool, error) {
 		return true, nil
 	}
 	return false, stackerr.WithStack(err)
-}
\ No newline at end of file
+}
diff --git a/pkg/controller/jenkins/configuration/base/service.go b/pkg/controller/jenkins/configuration/base/service.go
index b1cd719df..ecbb24cd1 100644
--- a/pkg/controller/jenkins/configuration/base/service.go
+++ b/pkg/controller/jenkins/configuration/base/service.go
@@ -38,4 +38,3 @@ func (r *ReconcileJenkinsBaseConfiguration) createService(meta metav1.ObjectMeta
 	service = resources.UpdateService(service, config)
 	return stackerr.WithStack(r.UpdateResource(&service))
 }
-
diff --git a/pkg/controller/jenkins/configuration/base/serviceaccount.go b/pkg/controller/jenkins/configuration/base/serviceaccount.go
index ecab38bc5..70a09289c 100644
--- a/pkg/controller/jenkins/configuration/base/serviceaccount.go
+++ b/pkg/controller/jenkins/configuration/base/serviceaccount.go
@@ -4,7 +4,7 @@ import (
 	"context"
 
 	"github.com/jenkinsci/kubernetes-operator/pkg/controller/jenkins/configuration/base/resources"
-	
+
 	stackerr "github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
diff --git a/pkg/controller/jenkins/configuration/user/reconcile.go b/pkg/controller/jenkins/configuration/user/reconcile.go
index 8a719b30c..cd688c93f 100644
--- a/pkg/controller/jenkins/configuration/user/reconcile.go
+++ b/pkg/controller/jenkins/configuration/user/reconcile.go
@@ -35,7 +35,7 @@ func New(configuration configuration.Configuration, jenkinsClient jenkinsclient.
 func (r *ReconcileUserConfiguration) Reconcile() (reconcile.Result, error) {
 	backupAndRestore := backuprestore.New(r.Configuration, r.logger)
 
-	result, err := r.ensureSeedJobs()
+	result, err := r.ensureUserConfiguration(r.jenkinsClient)
 	if err != nil {
 		return reconcile.Result{}, err
 	}
@@ -43,11 +43,7 @@ func (r *ReconcileUserConfiguration) Reconcile() (reconcile.Result, error) {
 		return result, nil
 	}
 
-	if err := backupAndRestore.Restore(r.jenkinsClient); err != nil {
-		return reconcile.Result{}, err
-	}
-
-	result, err = r.ensureUserConfiguration(r.jenkinsClient)
+	result, err = r.ensureSeedJobs()
 	if err != nil {
 		return reconcile.Result{}, err
 	}
@@ -55,6 +51,10 @@ func (r *ReconcileUserConfiguration) Reconcile() (reconcile.Result, error) {
 		return result, nil
 	}
 
+	if err := backupAndRestore.Restore(r.jenkinsClient); err != nil {
+		return reconcile.Result{}, err
+	}
+
 	if err := backupAndRestore.Backup(); err != nil {
 		return reconcile.Result{}, err
 	}
diff --git a/pkg/controller/jenkins/configuration/user/seedjobs/validate.go b/pkg/controller/jenkins/configuration/user/seedjobs/validate.go
index 36c2d73d9..c3b39dcce 100644
--- a/pkg/controller/jenkins/configuration/user/seedjobs/validate.go
+++ b/pkg/controller/jenkins/configuration/user/seedjobs/validate.go
@@ -54,7 +54,9 @@ func (s *SeedJobs) ValidateSeedJobs(jenkins v1alpha2.Jenkins) ([]string, error)
 			messages = append(messages, fmt.Sprintf("seedJob `%s` Jenkins credential must be set while using ssh repository url", seedJob.ID))
 		}
 
-		if seedJob.JenkinsCredentialType == v1alpha2.BasicSSHCredentialType || seedJob.JenkinsCredentialType == v1alpha2.UsernamePasswordCredentialType {
+		if seedJob.JenkinsCredentialType == v1alpha2.BasicSSHCredentialType ||
+			seedJob.JenkinsCredentialType == v1alpha2.UsernamePasswordCredentialType ||
+			seedJob.JenkinsCredentialType == v1alpha2.ExternalCredentialType {
 			secret := &v1.Secret{}
 			namespaceName := types.NamespacedName{Namespace: jenkins.Namespace, Name: seedJob.CredentialID}
 			err := s.Client.Get(context.TODO(), namespaceName, secret)
diff --git a/test/e2e/restorebackup_test.go b/test/e2e/restorebackup_test.go
index 394c0cf91..0eb490c41 100644
--- a/test/e2e/restorebackup_test.go
+++ b/test/e2e/restorebackup_test.go
@@ -55,7 +55,7 @@ func waitForJob(t *testing.T, jenkinsClient client.Jenkins, jobID string) {
 	err := try.Until(func() (end bool, err error) {
 		_, err = jenkinsClient.GetJob(jobID)
 		return err == nil, err
-	}, time.Second*2, time.Minute*2)
+	}, time.Second*2, time.Minute*3)
 	require.NoErrorf(t, err, "Jenkins job '%s' not created by seed job", jobID)
 }
 
diff --git a/website/content/en/docs/Getting Started/latest/configuration.md b/website/content/en/docs/Getting Started/latest/configuration.md
index 552182d4e..0c4b68607 100644
--- a/website/content/en/docs/Getting Started/latest/configuration.md	
+++ b/website/content/en/docs/Getting Started/latest/configuration.md	
@@ -231,6 +231,9 @@ stringData:
   password: password_or_token
 ```
 
+### External authentication
+You can use `external` credential type if you want to configure authentication using Configuration As Code or Groovy Script.
+
 ## HTTP Proxy for downloading plugins
 
 To use forwarding proxy with an operator to download plugins you need to add the following environment variable to Jenkins Custom Resource (CR), e.g.: