Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

replacements for deprecated user-scoped permission endpoints being removed in CHANGE-2770

Roman Chametka
Roman Chametka
December 19, 2025

Hello,

I'm working on a Bitbucket Cloud integration and need clarification on several critical API endpoints that are being deprecated as part of CHANGE-2770.

Deprecated Endpoints in Question:

  1. GET /user/permissions/workspaces - Documentation
  2. GET /user/permissions/repositories - Documentation
  3. GET /repositories - Documentation

The suggested workspace-scoped alternatives appear to be:

  • /workspaces/{workspace}/permissions/repositories
  • /workspaces/{workspace}/permissions/repositories/{repo_slug}

However, these alternatives have a critical limitation: they require the authenticated user to have admin permissions on the repository (as stated in the documentation: "Only users with admin permission for the repository may access this resource").

Our integration needs to allow non-admin users to:

  • List all repositories the authenticated user has access to (across all workspaces)
  • Discover which workspaces they have access to and their permission level in each workspace
  • Check their own permission level (read/write/admin) on specific repositories

The deprecated endpoints were perfect for this because they:

  • Returned data scoped to the authenticated user's access
  • Didn't require admin permissions
  • Allowed filtering (e.g., GET /repositories?role=member)

Questions:

  1. What are the planned replacement endpoints that will allow non-admin users to:
    • List all repositories they have access to?
    • Check their own permission level on repositories?
    • List workspaces they're members of with their permission levels?
  2. Will there be user-scoped endpoints (similar to the deprecated ones) that return data based on the authenticated user's access without requiring admin permissions?
  3. What is the timeline for announcing/releasing these replacement endpoints?
  4. Is there a recommended workaround that doesn't require admin access for users to check their own permissions?

 

Thank you

Answer
Watch
Like Be the first to like this
295 views

1 answer

1 accepted

1 vote
Answer accepted
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 22, 2025

Hi Roman,

To answer your questions:

1. We currently don't have any information regarding a planned replacement for these endpoints or a concrete date for their full deprecation, unfortunately. I can confirm that all of these still function at this stage, and that any deprecation will have an appropriate notice period prior to implementation.

2. Refer to question 1.

3. Refer to question 1.

4. If you wish to check user-scoped access, this is technically possible without admin access using the new endpoint (it just requires extra queries) by using the role filter. 

For a given workspace and repo_slug:

  • Check if the repo appears under:

    GET /2.0/repositories/{workspace}?role=admin

    • If yes → user is admin on that repo.

  • Else, check:

    GET /2.0/repositories/{workspace}?role=contributor

    • If yes → user has write (but not admin).

  • Else, check:

    GET /2.0/repositories/{workspace}?role=member

    • If yes → user has at least read access.

This is a workaround alternative using the new endpoint as an alternative to a replacement (which does not yet exist). Combining those 3 calls together will give a list of repositories in a workspace where it can be inferred if the current scoped user is an admin, has write, or read access.

I hope this helps somewhat, please let me know if I can be of any further assistance :)

Cheers!

- Ben (Bitbucket Cloud Support)

View More Comments
Roman Chametka
Roman Chametka
January 7, 2026

Hi Ben,

Thank you for your response. However, I'm still confused because the official changelog for CHANGE-2770 states:

Sunset date: February 27, 2026

"Bitbucket will be introducing replacements for each of these endpoints"

This seems to indicate that:

  1. These endpoints will be removed on February 27, 2026
  2. Replacements will be provided

Could you please clarify:

  • Is the plan still to remove these endpoints on February 27, 2026?
  • If so, will replacements be provided before that date?
  • If replacements are planned, approximately when can we expect them to be announced?

Regarding the workaround you suggested using role filters on /repositories/{workspace} - this would require us to make 3 API calls per workspace just to determine access, and we'd need to know all workspaces upfront. The deprecated endpoints solved this by returning all accessible repositories across all workspaces in a single call. Is there a more efficient approach that doesn't require multiple calls per workspace?

Thank you for your help!

Like
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 7, 2026

Hi @Roman Chametka 

My apologies. Yes, the plan is still to replace those endpoints on that date. I have confirmed with the engineering team responsible that a replacement for these will definitely be released before the deprecation date.

Unfortunately, there is not a more efficient approach for this at this stage that I am aware of. This is because our API's are being scoped for single workspaces. I would suggest using the existing API calls in the interim, and waiting for the replacement endpoints to determine their effectiveness. If they do not solve your use case, we can raise feature request tickets with our developers if improvements are needed prior to the deprecation date.

Cheers!

- Ben (Bitbucket Cloud Support)

Like
Roman Chametka
Roman Chametka
January 8, 2026

Hi Ben,

Thank you for confirming. Apologies for being pedantic but I'm still a bit concerned about the timeline. Could you please clarify:

  1. When will the replacement endpoints be announced? Given we're 7 weeks from the sunset date, should we expect them in January 2026?
  2. If the replacements aren't ready by February 27, 2026, will the existing endpoints continue to function past that date until proper replacements are available?
  3. Alternatively, is there any possibility of pushing back the sunset date to allow adequate time for the replacements to be released and for integrations to migrate?

I'm concerned that if replacements are announced close to the sunset date, we won't have sufficient time to update our integration and test thoroughly before the existing endpoints are removed.

Thank you.

Like
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 8, 2026

Hi @Roman Chametka 

Not a problem; it's understandable, considering how significant these endpoints are in the context of your use case. I did receive confirmation directly from the engineering team yesterday that a replacement would be released prior to the deprecation date for this reason, as these endpoints are widely used by our customers.

Today, it has been shared with me that the replacement release will be happening this month (we don't have an exact date but this is expected to be sometime next week).

Please rest assured that we would not deprecate such a major endpoint without a suitable replacement in its place or a transition time to move to this new endpoint.

Please let me know if I can provide further clarification on anything else.

Cheers!

- Ben (Bitbucket Cloud Support)

Like
Roman Chametka
Roman Chametka
January 22, 2026

Hi Ben,

I see that two new API endpoints have been released, but there doesn't seem to be a replacement for the GET /repositories endpoint.

I understand that support for cross-workspace APIs has ended, but I'm wondering if there's an API endpoint that can tell me which repositories a user is a collaborator on (i.e., they have direct access to the repository but not the workspace itself)?

Previously, the repositories endpoint helped us make this distinction. We need this information to determine which workspaces contain repositories the user collaborates on.

Thanks again for your help.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security