API tokens just don't work

Hi,

So I read the notice on bitbucket app passwords, soon it will be deprecated and will be changed to API tokens. Did not read through the whole details and what is the deal, but I decided to give it a try.

It just doesn't work when I'm trying to clone a repo. I've copied the clone command from repo front page, and it asks me for a password.

```
git clone https://{bitbucket_username}@bitbucket.org/{workspace}/{repository}.git
```

I've copied the API token for the password but it says something like

remote: You may not have access to this repository or it no longer exists in this workspace. If you think this repository exists and you have access, make sure you are authenticated.
fatal: Authentication failed for 'https://bitbucket.org/{workspace}/{repository}.git/'

I think I followed the steps exactly as written in the following link. I've tried waiting for 10 minutes after creating API token, but still no luck

Using API tokens | Bitbucket Cloud | Atlassian Support

Bitbucket app passwords still works fine in the same condition

5 answers

1 vote

Only works if you go for with the "with Scope" option!, other way always fails, great job Atlassian

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

1 vote

Hi @Spencer Ahn

To start using API tokens - you'll need to create the API token and specify the scope - this is mentioned in our deprecation documentation:

Click the gear cog icon, select
Atlassian Account settings > Security tab > Create and manage API Tokens
Click Create API token with scopes and select Bitbucket Cloud.
If you want to be able to push/pull to the repository - you'll need to tick both
read:repository:bitbucket and write:repository:bitbucket
For clone only - this would just be read:repository:bitbucket.
More information on scopes can be found in our API scopes documentation.
Perform the clone using the API token by executing either of the commands below (if using the first command - you can find your username by clicking the gear cog icon and selecting Personal Bitbucket Settings - it's visible under the Bitbucket Profile Settings heading):
```
git clone https://username:APIToken@bitbucket.org/workspaceID/reposlug.git
git clone https://x-bitbucket-api-token-auth:APIToken@bitbucket.org/workspaceID/reposlug.git
```

Please perform the above and let me know how this goes. If you are still encountering issues, I will assist you further.

Cheers!

- Ben (Bitbucket Cloud Support)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

This is exactly what I did. The same error msg from the original post happened.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi @Spencer Ahn

Is it still prompting you to enter the password manually or is it immediately giving you that error message?

In any case - I'd suggest removing all your cached credentials in case some old credentials are causing interference (ie Credential Manager for Windows, Access Keychain for Mac or /etc/shadow folder for Linux) before trying to authenticate again.

If this is still not working - please let me know.

Cheers!

- Ben (Bitbucket Cloud Support)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Also done, I've tried removing credentials cache, and it still doesn't work. Wish there was a way to get more info on not being authenticated.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi @Spencer Ahn

I've raised a support ticket on your behalf with our support team. Please note that as you are a member of a paid workspace - you can raise a support ticket directly with our team at any time:

https://support.atlassian.com/contact/#/

I've set the timezone to GMT-7 based on past tickets that have been raised using this workspaceID. Please let me know if this is incorrect and I will adjust it accordingly.

Cheers!

- Ben (Bitbucket Cloud Support)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hello, I'm experiencing the exact same problem. Any progress?

Edit: it seems I was using an access token instead of an API token; once I used an API token it worked fine.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

I had exactly the same thing. I was using SourceTree with an API Token. I tried a few different things, including assigning all permissions to the token. It authenticated, I could see that, but it had no permissions on the repo, not even Fetch. I couldn't see any further avenues to explore so I gave up.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Same problem here too :(

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

It works with this!!

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

This constant authentication churn, combined with the convoluted nature of this whole API key issue has me considering another platform for our organization. Onboarding a new developer should not be this difficult! Now we have developers storing API keys in plain text all over the place to avoid the absurd process of issuing another one every time they check out code on a different machine, among other bad practices. This is NOT enhancing security at all. This is just creating friction that leads to terrible user habits.

As others have said, if you just want to use git at the command line, you have to create a key with scope and give it read and write for the repository in the selection list. What you do from there is up to you, but the resulting token will then work anywhere you typically would have used an account or app password.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

I ran into the same problem when I gave the API token admin permission on Bitbucket. After a while, I switched it to read permission, and then it finally started pulling the repo. Maybe Atlassian has a different idea of what 'admin permission' mean

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

I finally resolved this issue after two days of suffering:

https://support.atlassian.com/bitbucket-cloud/docs/using-api-tokens/

To work with API Tokens, you need to add the token to the git url:

https://{bitbucket_username}:{api_token}@bitbucket.org/{workspace}/{repository}.git

This is not explained in the API Tokens pages at all, which is extremely frustrating.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

@Nathan Hiemenz I tried exactly what is mentioned here but it is throwing the same error.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Was this helpful?

Thanks!

Bitbucket

DEPLOYMENT TYPE

CLOUD

PRODUCT PLAN

STANDARD

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

API tokens just don't work

5 answers

https://{bitbucket_username}:{api_token}@bitbucket.org/{workspace}/{repository}.git

Suggest an answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

PRODUCT PLAN

TAGS

Atlassian Community Events