Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

About branch restrictions

I've worked in a shell script to run a job into Rundeck platform, and when it pass by the payload to set the branch restrictions via cUrl -X POST, the rules are not created when i set the groups that are immune to this, but when i dont set them, the rules work's well


1 answer

1 accepted

0 votes
Answer accepted
Patrik S Atlassian Team Dec 09, 2021

Hello @Hiago Foppa Strach Jager ,

Welcome to Atlassian Community!

From my understanding you are are trying to set the branch restriction for your repository using the following API endpoint :

POST /2.0/repositories/{workspace}/{repo_slug}/branch-restrictions

If that is the case, I was able to successfully create a push restriction on my personal repository, applying to branches matching the pattern development/* and with the group named 'contributors' being except from the restriction, using the example payload below :

curl --request POST --user <BBUsername>:<AppPassword> --url{workspace}/{repo_slug}/branch-restrictions --header 'Accept: application/json' --header 'Content-Type: application/json' --data '{
"kind": "push",
"branch_match_kind": "glob",
"pattern": "development/*",
"groups": [
"slug": "contributors"

 Would you mind confirming if the payload you are using is similar to the one above ?

Also, from this API endpoint documentation, some conditions must be met in order to use it :

  • Groups used in branch restrictions must have write or admin access to the repository
  • users and groups are lists of users and groups that are except from the restriction. They can only be configured in push and restrict_merges restrictions kinds.
  • Adding new users or groups to an existing restriction should be done via PUT.

For more details about this particular endpoint, you can refer to the following link:

Hope that helps to address your question! Let me know if you need further assistance :)

Thank you, @Hiago Foppa Strach Jager !

Best regards,

Patrik S

Hi @Patrik S , thanks for answering me, i've been successful in creating the branch-restrictions, with this payload: image.png

Now the problem that i have its about adding new default-reviewers, when i try the curl below it worked for my personal repository: 


but, when this query is given to RunDeck platform, my supervisor receives a error 401, or dont receive any response, ive trying to figure the reason, if you know something that can be causing this. Thanks for all your support <3

Patrik S Atlassian Team Dec 15, 2021

Hello @Hiago Foppa Strach Jager ,

Great to hear that you were able to successfully create the branch-restrictions with the API call.

In regards to your latest questions, 401/403 HTTP error codes either means that you are not using valid credentials or do not have the required permissions for that action.

That being said, I'd check with your supervisor the following points :

  • Is your supervisor using an AppPassword to authenticate with Bitbucket ? If the answer is no, he/she can refer to the following documentation on how to set up one :
  • If your supervisor is already using an AppPassword, could you please ensure it have the right permissions ? For the API call to default reviewers endpoint, both the App Password and the account that owns the AppPassword must have Repository:Admin permission.

In case the above doesn't work, could you please share with us the full output of when your supervisor is executing the API call?

Let us know how it goes, and if you have any other questions.

Thanks, @Hiago Foppa Strach Jager 

Kind regards,

Patrik S

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events