Hi @nmoore and welcome to the community!
An app-password is associated with a certain Bitbucket Cloud account. So, if the account gets deleted, deactivated or its access from the company's repos is removed, then HTTPS authentication with this account won't work.
It is perfectly fine to create another Bitbucket Cloud account as a service account, with an email address that is not tied to a specific individual. Please keep in mind though that you'll need to add this account to the company's workspace, and it will count towards the workspace's users. If you have a paid plan, this means that you'll pay for one extra user.
Some additional options, instead of that, are the following:
1. Use access keys, if you CI/CD tool supports that.
You generate an SSH key pair, the private SSH key should exist on your CI/CD server, and the public key can be added to each repository's Access keys (from the Repository settings page).
You can add the public SSH key to as many repos as you want, and this will give your server read-only access to these repos.
You can find more details here:
2. Another option is to use OAuth, if you CI/CD tool supports that.
You can generate an OAuth consumer from the workspace's Settings, so this is not tied to a specific Bitbucket Cloud account.
You can find more info on OAuth here:
If you have any questions, please feel free to let me know.
Kind regards,
Theodora
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.