Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

App Passwords

We're looking to use App Passwords for our CI/CD pipelines to pull code from bitbucket cloud but we're unsure about a particular use case. I am a CloudOps engineer who generates an App Password for teamcity to clone repos from Bitbucket cloud. What happens to my app passwords should I leave the company and my account is removed? Are the app passwords removed too?

Alternatively, we would setup a service account with an email address for the service, teamcity in our case. Then we would create a bitbucket account for this email address and setup App Passwords under that account. Is this permitted by bitbucket cloud?

1 answer

0 votes

Hi @nmoore  and welcome to the community!

An app-password is associated with a certain Bitbucket Cloud account. So, if the account gets deleted, deactivated or its access from the company's repos is removed, then HTTPS authentication with this account won't work.

It is perfectly fine to create another Bitbucket Cloud account as a service account, with an email address that is not tied to a specific individual. Please keep in mind though that you'll need to add this account to the company's workspace, and it will count towards the workspace's users. If you have a paid plan, this means that you'll pay for one extra user.

Some additional options, instead of that, are the following:

1. Use access keys, if you CI/CD tool supports that.

You generate an SSH key pair, the private SSH key should exist on your CI/CD server, and the public key can be added to each repository's Access keys (from the Repository settings page).

You can add the public SSH key to as many repos as you want, and this will give your server read-only access to these repos.

You can find more details here:

2. Another option is to use OAuth, if you CI/CD tool supports that.

You can generate an OAuth consumer from the workspace's Settings, so this is not tied to a specific Bitbucket Cloud account.

You can find more info on OAuth here:

If you have any questions, please feel free to let me know.

Kind regards,
Theodora

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Bitbucket

Share your use cases: How do you use the Bitbucket-Jira integration? How does it help your team?

Hey everyone, over the past year, we've added several new features to how you can use Bitbucket and Jira together. We'd love to know how you'll are using the integration and how it's helping your tea...

35 views 0 1
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you