Hi team,
We’re migrating our automation from username and password authentication to Bitbucket API Tokens.
I created a token from the Atlassian security page with scopes including read:workspace:bitbucket, read:repository:bitbucket, read:project:bitbucket, and read:user:bitbucket.
When using the token with the endpoint: https://api.bitbucket.org/2.0/workspaces/<workspace>/projects/FTO/permissions/groups
(using either Bearer token or Basic Auth with email and token), the API consistently returns a 400 Bad Request with an empty message body.
The token also still shows “Never Accessed” on the Atlassian token page.
App Passwords continue to work fine.
Could you please confirm if API Tokens are fully supported for /2.0 endpoints or if support is still rolling out?
