Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

API Token is not working

M_ Shiny _Contractor_
M_ Shiny _Contractor_
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 11, 2025

Hi team,

We’re migrating our automation from username and password authentication to Bitbucket API Tokens.

I created a token from the Atlassian security page with scopes including read:workspace:bitbucket, read:repository:bitbucket, read:project:bitbucket, and read:user:bitbucket.

When using the token with the endpoint: https://api.bitbucket.org/2.0/workspaces/<workspace>/projects/FTO/permissions/groups
(using either Bearer token or Basic Auth with email and token), the API consistently returns a 400 Bad Request with an empty message body.

The token also still shows “Never Accessed” on the Atlassian token page.
App Passwords continue to work fine.

Could you please confirm if API Tokens are fully supported for /2.0 endpoints or if support is still rolling out?

Answer
Watch
Like Be the first to like this
4226 views

1 answer

0 votes
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 13, 2025

Hi @M_ Shiny _Contractor_ 

 

Welcome to the Bitbucket Cloud community!

 

To start using API tokens with Bitbucket Cloud - you'll need to create the API token and specify the scope - this is mentioned in our deprecation documentation:

  1. Click the gear cog icon, select Atlassian Account settings > Security tab > Create and manage API Tokens

  2. Click Create API token with scopes and select Bitbucket Cloud

  3. You’ll now need to define the scopes necessary for the API commands you’re intending to execute. A summary of these for common API operations is as follows - you can find more information on scopes in our API scopes documentation:
    Repository Operations

    • GET (Read):

      • Scope: read:repository:bitbucket

      • Allows viewing repository data, including source code and configurations.

    • POST/UPDATE (Write):

      • Scope: write:repository:bitbucket

      • Allows modifying repository data (e.g., updating source, branches, tags, forking).

    • DELETE:

      • Scope: delete:repository:bitbucket

      • Allows deletion of repositories.

    Pull Requests

    • GET (Read):

      • Scope: read:pullrequest:bitbucket

      • Allows viewing pull requests and commenting.

    • POST/UPDATE (Write):

      • Scope: write:pullrequest:bitbucket

      • Allows creating, updating, approving, declining, and merging pull requests.

    Issues

    • GET (Read):

      • Scope: read:issue:bitbucket

      • Allows viewing, listing, searching, and commenting on issues.

    • POST/UPDATE (Write):

      • Scope: write:issue:bitbucket

      • Allows creating, updating, transitioning, and deleting issues.

    Wikis

    • GET/POST/UPDATE/DELETE:

      • Scope: wiki:bitbucket

      • Provides both read and write access to wikis (view, create, edit, push, clone).

    Snippets

    • GET (Read):

      • Scope: read:snippet:bitbucket

    • POST/UPDATE (Write):

      • Scope: write:snippet:bitbucket

    • DELETE:

      • Scope: delete:snippet:bitbucket

    Pipelines

    • GET (Read):

      • Scope: read:pipeline:bitbucket

    • POST/UPDATE (Write):

      • Scope: write:pipeline:bitbucket

  4. Perform the API command by using the API token with either of the sample commands below.

    Example 1: The API token, along with your Atlassian account email, can be sent as login credentials. For example:

    curl --request POST \ --url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repository}/commits' \ --user '{atlassian_account_email}:{api_token}' \ --header 'Accept: application/json'

    Example 2: Alternatively the API token can be sent in a HTTP Authorization header after the Bitbucket email and API token have been base64 encoded. For example:

    my_credentials_after_base64_encoding=`echo -n '{atlassian_account_email}:{api_token}' | base64` curl --request POST \ --url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repository}/commits' \ --header "Authorization: Basic $my_credentials_after_base64_encoding" \ --header 'Accept: application/json'

Please perform the above and let me know how this goes. If you are still encountering issues, please let me know the scopes you’ve configured, and share the cURL command you’re executing (make sure to censor any credentials).

Cheers!

- Ben (Bitbucket Cloud Support)

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security