I have been informed of this change.
Separately, I have received an email with the following content:
Beginning March 1, 2022, you will no longer be able to use your Atlassian account password when using Basic authentication with the Bitbucket API or Git over HTTPS. For security reasons, we require all users to use Bitbucket app passwords.
I am trying to understand the scope of the change and its impact. It states that I cannot log in with an Atlassian account and password and requires all users to use Bitbucket app passwords. However, besides using app passwords, I also log in using OAuth2. https://developer.atlassian.com/cloud/bitbucket/oauth-2/
In the case of GCP Build Triggers, when I first set up the Bitbucket repository to connect to, I need to go through the "Authorization Code Grant" flow and acknowledge what access I am granting to Google Cloud Source Repository. If I check the Bitbucket API endpoints being called, they are URLs that are being used for "Authorization Code Grant" flow.
Based on these findings, am I right to say that there is no necessity to change existing triggers or mirrored repositories on GCP since they are using OAuth2 in the first place instead of Atlassian accounts and passwords?
Can I still use the JWT access tokens to access Bitbucket and clone/pull Git repositories after the App Password changes? Or is App Password the only way to log in?
Hey Chee Hwee Chai,
My name is David and I'm a backend engineer on the Bitbucket Cloud team.
Just to be clear, you are currently using the JWT access token in place of the OAuth access token, correct? If so, then you will not be required to make any changes.
To be more specific, Bitbucket Cloud supports three of OAuth 2.0's (RFC-6749) grant flows, plus a custom Bitbucket flow for exchanging JWT tokens for access tokens. Note that Resource Owner Password Credentials Grant (4.3) is no longer supported. If my understanding is correct in that you are using JWT access token for the authentication method, then you are correct, you will not require any changes.
You can find more info regarding our allowed authentication methods in our REST API docs here.
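To check which of your own Git remotes fall under the Basic authentication change discussed in this thread, the following added example (not part of the original thread and not Atlassian's code) classifies remote URLs by how they authenticate. It assumes the `x-token-auth` username that Bitbucket Cloud documents for OAuth access tokens over Git HTTPS; the sample URLs, category names and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample remotes (not from the thread); all secrets are placeholders.
SAMPLE_REMOTES = [
    "https://x-token-auth:EXAMPLE_ACCESS_TOKEN@bitbucket.org/acme/app.git",
    "https://alice:EXAMPLE_SECRET@bitbucket.org/acme/app.git",
    "https://alice@bitbucket.org/acme/app.git",
    "git@bitbucket.org:acme/app.git",
    "https://github.com/acme/app.git",
]

# Categories where Git sends HTTP Basic credentials, so the secret must be an
# app password after the change. The URL alone cannot show which kind it is.
NEEDS_REVIEW = {"basic-embedded-secret", "basic-via-helper-or-prompt"}

def classify_remote(url: str) -> str:
    """Classify how a Git remote URL authenticates to Bitbucket Cloud."""
    if "://" not in url:
        # scp-like syntax (user@host:path) means SSH keys, not passwords.
        host = url.split("@", 1)[-1].split(":", 1)[0].lower()
        return "ssh" if host == "bitbucket.org" else "not-bitbucket"
    parts = urlsplit(url)
    if parts.hostname != "bitbucket.org":
        return "not-bitbucket"
    if parts.scheme == "ssh":
        return "ssh"
    if parts.username == "x-token-auth":
        return "oauth-access-token"  # OAuth 2.0 token, not Basic auth
    if parts.password:
        return "basic-embedded-secret"
    # No secret in the URL: a credential helper or prompt supplies it
    # (or the repository is public and read anonymously).
    return "basic-via-helper-or-prompt"

def redact(url: str) -> str:
    """Drop any embedded secret so the report is safe to log."""
    parts = urlsplit(url) if "://" in url else None
    if parts is None or parts.password is None:
        return url
    return url.replace(":" + parts.password + "@", ":***@", 1)

def audit(remotes):
    """Return (redacted_url, category) for remotes that need a manual check."""
    found = [(redact(u), classify_remote(u)) for u in remotes]
    return [(u, c) for u, c in found if c in NEEDS_REVIEW]
```

Feed it the output of `git remote -v` from each clone or CI job; anything it returns still needs a manual check that the stored secret is an app password.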