Access repository from https only

Hi @Theodora Boudale ,

Thanks for quick reply.

I'm looking for a use case, where...

From our organization, for some of the Atlassian accounts we want to have full control them on how they are accessing the repositories which they have been assigned to.

So, the passwords of their account are shared with them and they just need to use them. From the password manager we have shred this credentials. They can't see the password but they can copy and fill them. This way, the users don't need to remember them.

And the process of updating these access is easy and faster compare to maintaining the ssh keys.

Whereas as per my understanding, the ssh key is difficult to maintain and update in the machine.

So, to maintain the security, we just want user/ some group of user can access the repository over the HTTPS URL only. We don't want them to have ssh access any way.

I hope this has cleared your doubts. Let me know if you need more help.

Thanks,

Devang

Hi Devang,

Thank you for sharing more details and for explaining your use case.

I found out that we have a feature request for this already:

• https://jira.atlassian.com/browse/BCLOUD-20828

Please note that this request concerns managed accounts.
Managed accounts are accounts with an email from a domain that someone has verified, as per our documentation here:

• https://support.atlassian.com/user-management/docs/verify-a-domain-to-manage-accounts/

In this case, organization admins are the ones that manage these Atlassian accounts, and they are the only ones that can e.g. delete an account.

If you'd be interested in that feature, I would suggest adding your vote in there (by selecting the Vote for this issue link) as the number of votes helps the development team and product managers better understand the demand for new features. You are more than welcome to leave any feedback, and you can also add yourself as a watcher (by selecting the Start watching this issue link) if you'd like to get notified via email on updates.

Implementation of new features is done as per our policy here and any updates will be posted in the feature request.

I also wanted to bring to your attention the following important change that is going to be implemented on 1st March 2022:

• https://bitbucket.org/blog/deprecating-atlassian-account-password-for-bitbucket-api-and-git-activity

We will be deprecating the use of Atlassian account passwords when using Basic authentication with the Bitbucket API or Git over HTTPS. From that date on, users will need to create an app password and use that instead of a password when cloning/pulling from/pushing to Git repos via HTTPS.

• https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/

This change already applies to any Bitbucket accounts that were created from 13th September 2021 onwards.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

https://jira.atlassian.com/browse/BCLOUD-20828

I think this will do the job, ..... I'm looking for something like this. Thanks!

You are very welcome, please feel free to reach out if you ever need anything else!