Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Will API Token support REST API's where as APP Password supports REST API's?

vinoth_vinothkumaar_accenture
vinoth_vinothkumaar_accenture
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 1, 2025

Currently we have around 50-60 repos being managed with these 3 types of modules (proxy, sharedflow and config).
In order to ease the process we have created a Centralized Repo (apigee-devops-pipeline) and managing the devops configuration, Repository variables and the bitbucket-pipeline.yml for the individual repos (50-60). Currently we have done this setup for 1 per each module, almost we are at the end of the centralized pipeline setup now. With App Password by using REST API i could get the result but if i use API Token i am getting 401 error.

Scenario:
When a developer pushes the code and raises a PR from from feature to develop branch sonar check should happen in centralized pipeline once the PR is raised in the individual repo and need to provide its Pass/fail result to Individual repo.

Result:
We tried to create Bitbucket APP password which is going to be deprecated soon and used that in the centralized pipeline. By using the REST API's i could get the Sonar scan status under the checks in the individual PR request screen. So when the developer merge the changes if the sonar is success then it will allow to merge and if it fails then developer needs to fix it and then merge.

              curl -v -f -X POST \
                -u "$BITBUCKET_USERNAME:$BITBUCKET_APP_PASSWORD_WRITE" \
                -H "Content-Type: application/json" \
                --data-binary @"$PAYLOAD_FILE"

100 1910 100 1655 100 255 4057 625 --:--:-- --:--:-- --:--:-- 4692
* Connection #0 to host api.bitbucket.org left intact
2025-08-01T19:37:25.741820045Z stdout P {"key": "sonar-pr-feature/check", "type": "build", "state": "FAILED", "name": "Sonar Scan", "refname": null, "commit": {"hash": "b323157158021b9fde92a32fa4ae847756f82a32", "links": {"self": {"href": "https://api.bitbucket.org/2.0/repositories/whirpoolnardevops/sharedflow-templatesharedflow/commit/b323157158021b9fde92a32fa4ae847756f82a32"}, "html": {"href": "https://bitbucket.org/whirpoolnardevops/sharedflow-templatesharedflow/commits/b323157158021b9fde92a32fa4ae847756f82a32"}}, "type": "commit"}, "url": "https://access.whirlpool.com/sonar/dashboard?id=sharedflow-templatesharedflow", "repository": {"type": "repository", "full_name": "whirpoolnardevops/sharedflow-templatesharedflow", "links": {"self": {"href": "https://api.bitbucket.org/2.0/repositories/whirpoolnardevops/sharedflow-templatesharedflow"}, "html": {"href": "https://bitbucket.org/whirpoolnardevops/sharedflow-templatesharedflow"}, "avatar": {"href": "https://bytebucket.org/ravatar/%7B28af68b8-7690-4d7d-8313-3902bb6335c0%7D?ts=default"}}, "name": "sharedflow-templatesharedflow", "uuid": "{28af68b8-7690-4d7d-8313-3902bb6335c0}"}, "description": "Sonar Scan failed. Check pipeline logs and SonarCloud report.", "created_on": "2025-08-01T19:37:25.582119+00:00", "updated_on": "2025-08-01T19:37:25.582134+00:00", "links": {"self": {"href": "https://api.bitbucket.org/2.0/repositories/whirpoolnardevops/sharedflow-templatesharedflow/commit/b323157158021b9fde92a32fa4ae847756f82a32/statuses/build/sonar-pr-feature/check"}, "commit": {"href": "https://api.bitbucket.org/2.0/repositories/whirpoolnardevops/sharedflow-templatesharedflow/commit/b323157158021b9fde92a32fa4ae847756f82a32"}}}


 
Similarly we tried to create bitbucket API Token for the same scenario and from the centralized pipeline i could not get the sonar scan status under the checks in the individual PR Request Screen. I am getting 401 error when trying to do with the REST API,

                -u "x-token-auth:$BITBUCKET_API_TOKEN_WRITE" \
                -H "Content-Type: application/json" \
                --data-binary @"$PAYLOAD_FILE"



* The requested URL returned error: 401
100 280 0 0 100 280 0 1566 --:--:-- --:--:-- --:--:-- 1573
* Connection #0 to host api.bitbucket.org left intact
curl: (22) The requested URL returned error: 401
Build teardown

Answer
Watch
Like Be the first to like this
17 views

1 answer

0 votes
Jin Cho
Jin Cho
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 1, 2025

Hi @vinoth_vinothkumaar_accenture 

First of all, welcome to the Atlassian Community!

It looks like you're facing a similar issue to what I encountered when switching from an App password to an API token. If I'm understanding correctly, it seems like the header name  might not be supported. Could you try following this guide and see if that helps? Also, make sure that the necessary scope is included when you create the API token. Give it a try and let me know how it goes!

Jin

Using API Tokens

 

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security