Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


BB Cloud Oauth implicit grant method stopped working in electron app

I was using BB Cloud's Oauth implicit grant method in my electron app for authenticating my app to fetch the details of my repositories.

It stopped working recently.

Reference link of implicit grant method

I noticed that even if I directly open login page its not working.

Here is the code example:
let win = new remote.BrowserWindow({ width: 800, height: 600, show:false, webPreferences: {sandbox: true, }});
win.loadURL(''); // this is not working


Any idea why? Has something changed?


1 answer

0 votes
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Mar 02, 2023

Hello @dev_gauravmall ,

Welcome to the Community!

The implicit grant is still one of the supported OAuth2 flows in Bitbucket, as you can check in our API Reference - Authentication documentation

Your app should redirect the user's browser to the authorization URL:{client_id}&response_type=token

Where the client_id should be the key of an OAuth consumer created in a bitbucket workspace. 

Once the user interactively Grants access to that client id, it will redirect to your callback_url configured in the OAuth consumer, with a fragment containing the access token (#access_token={token}&token_type=bearer) where your page's js can pull it out of the URL.

In order to test if the token is being correctly returned, you can also try accessing the authorization URL manually in your browser, replacing the client id with its actual value, and once clicking Grant on the authorization page, you should see the token available as a part of the redirect URL.

Let me know in case you have any questions.

Thank you, @dev_gauravmall !

Patrik S

Hi @Patrik S ,

Thanks for your reply.

But the problem here is not implicit grant method as such. It is already working and the reference link that I've mentioned in original question before is also working.

Background on problem.
My windows app was built on electron and was using the same method (which was working flawlessly before Feb'23). We noticed that it stopped working suddenly. It started showing this page in In app browser. 

Screenshot 2023-03-04 093644.png

Just to elaborate more on to investigation I did
there is a redirect happens for authorization when you try to open{client_id}&response_type=token

 it redirects to Something like below{client_id}%2526response_type%253Dtoken%26redirectCount%3D1

Now this redirection was working before and the loading of login page was working before, but it stopped suddenly in Feb'23.

My question is that, is this not supported anymore into in-app browsers? Has there any change happened on

I am seeking ways to mitigate it, by maintaining same user experience.

I haven't tried, but I think the workaround is to navigate user to the actual browser instead of in-app browser to authorize (where is not restricted and works) and then via redirect url configuration in Bitbucket, return the user back to the app to authenticate the app for further processing.

But is there any way to maintain the same user experience(not navigating user to outside browser) by changing any configuration anywhere?

Hope it describes the situation. :-)

Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Mar 06, 2023

Hello @dev_gauravmall ,

Thank you for providing more context about the issue.

Since this is more of a development technical question, I would suggest posting your question in Atlassian Developer Community as they will be able to better help you with this topic.

Thank you, @dev_gauravmall !

Patrik S

Suggest an answer

Log in or Sign up to answer
Site Admin
AUG Leaders

Atlassian Community Events