We are happy to announce we have just released a new member of the API Token authentication family! Now you can enjoy advanced API token management also in Bitbucket Server and Data Center.
Yes, indeed. Bitbucket ships with personal access tokens so that users can leverage secure access to the Bitbucket REST API.
If you’re used to Bitbucket’s personal access tokens, jumping onto API Token Auth will be quite transparent, because there are important similarities.
A token can be used to interact with the API with the same permissions that the user has.
For example, if the user Mary Smith can fork a repository in project A but not in project B, a token for Mary can be used to fork a repository in project A, but not in project B.
On top of the user permissions, you have the option to restrict what a token can do even further.
Here’s where the approach differs a bit.
Beyond the similarities, there are some major differences that can improve the security of Bitbucket and give administrators more options to control who has the rights to connect to the API, and for doing what.
In Bitbucket, every user can create tokens for himself, and admins can revoke tokens. Period.
With the API Token Auth permissions, on top of the same base functionality you can decide which groups get to:
Bonus Trick: You can also restrict who gets to create read & write tokens with the options above.
As with the above, the older brothers of API Token Authenticator for Bitbucket already contained interesting restrictions that give additional security:
With this launch, API Token Authentication for Bitbucket has a complete set of functionality that we won’t expand in the short term.
But this can change, we’re always listening to our customers requirements.
We are highly responsive to the feature requests of our customers. Starting with SAML SSO, those feature requests have been the foundation to build our enterprise user management apps into the market leaders they currently are.
Start your evaluation of API Token Authentication for Bitbucket now from the Atlassian Marketplace
Capi [resolution]
Inbound Marketing | Thought Leadership
Resolution
Berlin, Germany
19 accepted answers
1 comment