Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Cloud Bitbucket, API Token

Cloud -> -> User -> Personal Settings -> App Password

here is generated a new api token. I would like to use that instead of password. i couldn't find support to accept such token in the provided python api.

it only accepts: user/pass, oath, kerb, cookies. 

please let me know if there is an api that can help us use this token way of signing in to the app and call rest apis.



1 comment

Hi @Sunil ,

Welcome to the Community.

App password is meant to be used together with your username, literally replacing your regular password. So basic user/pass auth is what you're after.

On a side note, the tool you linked to is a third party project so I haven't checked if it works well with Bitbucket Cloud.

Hope this helps.


Thank you Danil. I tried -u <email>:<key> and it never worked.

For login I am using:

Bitbucket(,, password=self.password, cloud=True, advanced_mode=True)

If I pass email, <real-password>: it works fine.

If I pass email, <password-key>: it doesnt work.


This link is atlassian owned codebase.

You might be sounding right. Unfortunately this py files are referring to 1.0 api. 1.0 is removed from support by bitbucket. 


I found a different way to avoid sharing ascii password text. I know password is hiding and it can easily be decoded.

>>> import base64
>>> data="<email>:<password>"
>>> encoded=base64.b64encode(data.encode("utf-8"))
>>> encodedBytes=base64.b64encode(data.encode("utf-8"))
>>> encodedStr = str(encodedBytes, "utf-8")
>>> print(encodedStr)

url -H “Authorization: Basic c3V........dWRmYWJyaXguY29........hOA==” -X GET -H “Content-Type: application/json”

I am able to skip giving away the password.


But this doesnt fly with the above code base. Above code doesnt allow logins like this.

I will forget about API and rather using plain requests pkg and go with pure rest calls.

You should use your username, not email. They are independent. Username is what you get in HTTPS clone URLs or in settings (Bitbucket → Your avatar → Personal settings → Account settings → Bitbucket profile settings). Another reason for the app password to not work is insufficient scopes which you assigned to it on creation.

This link is atlassian owned codebase.

No, it isn't. Our main official account on GitHub is Whereas atlassian-api is maintained by just one third party person.

Unfortunately this py files are referring to 1.0 api. 1.0 is removed from support by bitbucket.

I briefly glanced through that tool, and I have a feeling it is designed to work with Bitbucket Server rather than Bitbucket Cloud. They have completely different APIs, and Bitbucket Server's current API version is indeed 1.0.

You are right about removal of version 1.0 API from Bitbucket Cloud though, but note that it wasn't same to the API of Bitbucket Server anyway.


For Bitbucket Cloud I was able to find this Python client, but unfortunately it doesn't seem to be maintained anymore. You might consider using it for common operations though since they haven't changed for ages.

I also found this third party project which might be useful.


Hope this helps. Let me know if you have any questions.



Log in or Sign up to comment

Atlassian Community Events