Problems with API-Token and CURL

I created an API token and selected ALL available scopes
I want to access the "Downloads" section of my repository from a gradle task, which does not work.

For simplifying testing i tried this:

export BITBUCKET_USER="my_email"
export BITBUCKET_TOKEN="my_token"

curl -i -u "$BITBUCKET_USER:$BITBUCKET_TOKEN" \
https://api.bitbucket.org/2.0/user

curl -i -u "$BITBUCKET_USER:$BITBUCKET_TOKEN" \
https://api.bitbucket.org/2.0/myrepo/myapp

Both curl calls present a 401 error.

What I am doing wrong?

2 answers

0 votes

Hi @Dirk R

I can see that you have specified API with scopes (which is correct), however, the authorization you're performing in the cURL command is incorrect.

You need to use your email address followed by the token:

Example 1: The API token, along with your Atlassian account email, can be sent as login credentials.

curl --request POST \ --url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repository}/commits' \ --user '{atlassian_account_email}:{api_token}' \ --header 'Accept: application/json'
Example 2: Alternatively the API token can be sent in a HTTP Authorization header after the Bitbucket email and API token have been base64 encoded.

my_credentials_after_base64_encoding=`echo -n '{atlassian_account_email}:{api_token}' | base64` curl --request POST \ --url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repository}/commits' \ --header "Authorization: Basic $my_credentials_after_base64_encoding" \ --header 'Accept: application/json'

Note: you'll need to remove the curly braces and replace any placeholder values with actual values

Please perform the above and let me know how this goes. If you are still encountering issues, please let me know the scopes you’ve configured, and share the cURL command you’re executing (make sure to censor any credentials).

Cheers!

- Ben (Bitbucket Cloud Support)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

@Dirk R

Note that for downloads the correct URL is (API end point doc):

https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/downloads

So the "/repositories/" fragment is missing from your URL!

Also, you need to determine what type of credential you created. If you created an "App Password" (under Personal Settings > App passwords), you must use your Bitbucket username, not your email address. Your Bitbucket username can be found under Personal Settings > Account settings. The curl call would look like:

curl -u "your_bitbucket_username:your_app_password" https://api.bitbucket.org/2.0/user

If instead you created a Repository Access Token or Workspace Access Token (these are found in the repository or workspace settings and have scopes), the authentication works differently. You should use Bearer token authentication:

curl -H "Authorization: Bearer YOUR_TOKEN" https://api.bitbucket.org/2.0/user

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Thanks for your reply. I created an API token with scopes:
https://support.atlassian.com/bitbucket-cloud/docs/api-tokens/
App passwords seem to be deprecated.
You are right, I missed the repository fragment in the url. But it does also not work with it. Also the Bearer method fail with:
{"message": "Token is invalid, expired, or not supported for this endpoint."}
That's strange because the token is not expired and I allowed ALL possible scopes.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Problems with API-Token and CURL

2 answers

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events