Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Rest API - Update a repository deploy key - return 403

vickos
vickos
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 26, 2023

Hi,

I am trying to use rest-API to update repository access key.

When calling this https://developer.atlassian.com/cloud/bitbucket/rest/api-group-deployments/#api-repositories-workspace-repo-slug-deploy-keys-key-id-put

The response is:

Response: 403 Forbidden
{"type": "error", "error": {"message": "This API is not accessible by this authentication mechanism"}}

Calling GET list deploy keys works fine

https://developer.atlassian.com/cloud/bitbucket/rest/api-group-deployments/#api-repositories-workspace-repo-slug-deploy-keys-get 

for both calls I am using access token with all available permissions 

Access token permissions:

Scopes

  • pipeline
  • pipeline:variable
  • pipeline:write
  • pullrequest
  • pullrequest:write
  • repository
  • repository:admin
  • repository:delete
  • repository:write
  • runner
  • runner:write
  • webhook
Answer
Watch
Like Be the first to like this
512 views

2 answers

1 accepted

1 vote
Answer accepted
Patrik S
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 28, 2023

Hello @vickos ,

Thank you for reaching out to Atlassian Community!

I'm afraid that currently Repository/project/workspace access tokens can't be used to authenticate API calls for POST/PUT/DELETE operation in the deploy-keys endpoint. I went ahead and created a feature request to add the ability to use this authentication mechanism : 

I would suggest you to add your vote there, since this helps both developers and product managers to understand the interest. Also, make sure you add yourself as a watcher in case you want to receive first-hand updates from that ticket. Please note that all features are implemented with this policy in mind.

While this feature is not implemented, the available authentication options for those endpoints are username and app password or OAuth access token. 

Thank you, @vickos !

Patrik S

Reply
0 votes
vickos
vickos
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 4, 2023

Thanks for your reply.

I was able to use  username and password to authenticate the API call, but I prefer not to use my own cerdinatial in the code.

How can I use OAuth access token, Do I need to use my username and password to create one or I can do it from the site? and how to limit the token's permissions?

What you think should be the best practice if I want automatically update access token after deploying my app to the server?

 

Tnx,

Vicko.

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events