Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

All API calls return 401 Unauthorized, regardless of the authentication method used.

Penny
Penny
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 11, 2026

Hello Bitbucket Support Team,

We are facing an authentication issue with Bitbucket REST API. We are trying to integrate Bitbucket with an AWS Lambda function to fetch PR and pipeline data for our internal DevOps chatbot.

Problem: All API calls return 401 Unauthorized, regardless of the authentication method used.

What we have tried:

  1. HTTP Access Token (Bearer): Generated from Repository Settings → Access tokens. Returns 401.
  2. Basic Auth (email + App Password): The "App passwords" option is not visible in our Bitbucket account settings. We cannot find it under Personal Settings.
  3. Basic Auth (email + HTTP Access Token): Also returns 401.

Our setup:

Questions:

  1. Why is "App passwords" not available in our account settings?
  2. Is our account on Bitbucket Cloud or Bitbucket Data Center? (Authentication methods differ)
  3. What is the correct way to authenticate REST API calls for our workspace?

Please advise on the correct authentication method for our account.

Thank you,
Penny
Tracxsystems DevOps Team

Answer
Watch
Like Be the first to like this
178 views

2 answers

0 votes
Syahrul
Syahrul
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 15, 2026

Hi @Penny 

Bitbucket has a few ways to authenticate through the API endpoint. A few commons one are

Access tokens:

  • Access tokens for repositories — Provides access to a single repository with the permissions specified at the time of creation. An access token for a repository can be used for tasks such as managing a single repository or allowing a CI/CD tool to access the source code of a single repository in the workspace. For more information, including creation and usage, see Access tokens for a repository.

  • Access tokens for a project (Premium feature) — Provides access to a single project and the repositories in it. The access permissions (or scopes) are specified at the time of creation. Access tokens for a project can be used for tasks such as managing or accessing the repositories in a single project. For more information, including creation and usage, see Access tokens for a project.

  • Access tokens for a workspace (Premium feature) — Provides access to a single workspace and the repositories and projects in it. The access permissions (or scopes) are specified at the time of creation. Access tokens for a workspace can be used for tasks such as managing or accessing the repositories in a single workspace or managing the workspace. For information, including creation and usage, see Access tokens for a workspace.

Each of these access tokens has a specific needs and you can check the link I shared above on how to use them. So please review them and let me know which one you would like to use.

There's also account specific API token and it's a single purpose access tokens with scoped user access (specified at the time of creation). These tokens can be useful for scripting, CI/CD tools, and testing Bitbucket Connect applications while they are in development.

Example use:

curl --request POST \  
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repository}/commits' \  
--user '{atlassian_account_email}:{api_token}' \  
--header 'Accept: application/json'

As for APP passwords, we no longer support them, so it's not possible to create them anymore. We suggest using API token moving forward, or if you have a specific need, explore the use of Access tokens.

I hope this helps.

Regards,
Syahrul

Reply
0 votes
Derek Fields _RightStar_
Derek Fields _RightStar_
Community Champion
March 11, 2026

@Penny It appears that you are on Bitbucket Cloud since that is the URL that you are using. If you are on Data Center, you would be calling a URL on your Data Center instance. Is your repo at https://bitbucket.org/tracxsystems/<repo slug>? If so, then you are on Cloud. If your repo is at something like https://tracxsystems.com:<port>/... then you are on Data Center.

App passwords are no longer supported for APIs. you either need to generate an API Token associated with your account or set up OAuth for authentication. To set up an API token, you would go to your avatar and select Account Settings. From there, you would select Security and scroll down until you see API Tokens. Create a new token and submit it just the way you indicate above using Basic authorization. 

You need to use Scoped Tokens for Bitbucket Cloud. I tested it with Classic (non-scoped) and it didn't work. When I created a Scoped Token, it worked for me.

Hope this helps. Good luck.

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security