Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bitbucket API 403 vs. 401

Jeffrey Witt
Jeffrey Witt February 6, 2013

Can someone explain to me why I could begetting a 403 error when an API request originates from one location (e.g. my remote server) and not from another location (e.g. my localhost). As I understand it, a 403 means that the authorization info (username and password) and request were valid and therefore are not at issue. Rather, bitbucket does think these credentials are sufficient to grant access. How could the same password and username be valid from requests from my localhost and not from my remote server?

401 UNAUTHORIZED Returned if the call requires authentication and either the credentials provided failed or no credentials were provided.
403 FORBIDDEN

Returned if the caller attempts to make a call or modify a resource for which the caller is not authorized. The request was a valid request, the caller's authentication credentials succeeded but those credentials do not grant the caller permission to access the resource.

One further detail of relevance. I noticed that if I change the password to something incorrect, I will get a 401 error from bitbucket when the requests originates from my localhost. However, when the request originates from my remote server with the bad password, I still get a 403 error, suggesting that BitBucket is forbidding the request even before it looks at the username and password.

Here's a link to an earlier question dealing with the same problem:

https://answers.atlassian.com/questions/133105/bitbucket-api-call-on-private-repository-working-for-local-machine-but-not-from-remote-server

Please help. I feel so frustrated and I don't know how to resolve this issue.

Answer
Watch
Like Thomas Beck likes this
13206 views

3 answers

1 accepted

2 votes
Answer accepted
Jeffrey Witt
Jeffrey Witt March 23, 2013

This is the best answer I've gotten. This answers suggest that my remote server is behind a proxy and extra steps are required to solve it.

http://stackoverflow.com/questions/14591601/php-file-get-contents-authorization-header

However, I got so frustrated, I switched to using php's CURL library which gave me none of the trouble that I had when using the get_file_contents function.

http://stackoverflow.com/questions/14788138/using-json-data-from-curl-response

I hope these two possible solutions help someone else someday!

Reply
2 votes
doylep
doylep
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 13, 2016

Why can I curl -u username:pass http://api.bitbucket.org/2.0/repositories/{user}/{repo}/refs/branches

but I cannot use javascript libraries like HTTP.get or meteor.  Curl works and HTTP.get yields a 403 forbidden error.  Is that an account setting?

Reply
1 vote
AgentSmith
AgentSmith
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 7, 2013

Greetings!

Is this still an issue for you? Are you using git or hg over SSH, or? Also, what is the exact error message you get? Although, it doesn't explain why it would work from point A versus point B, but if the error is "fatal: HTTP request failed", it is because you have exceeded your plan limit. This link discussed the 403 message in that context:

https://confluence.atlassian.com/pages/viewpage.action?pageId=321854562

The 403 was previously sent in a 402 message. I attached a previous posting that shows what the message would like like:

https://answers.atlassian.com/questions/142657/402-error-when-pushing

If this info is relevant to your situation, then just a guess, perhaps the API request from your localhost is somehow bumping you up past your limit. Offhand, I don't know exactly how, but its conceivable that the environments would be different from each other. For example, the remote server might be in a data center (behind firewall, using standards ports) and your localhost might be running at home (could be non-standard customizations, different OS, etc). If it makes sense, determine the differences and from that you might have some options to explore.

Cheers,

Jason | Atlassian

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events