Bitbucket API 403 vs. 401

Can someone explain to me why I could begetting a 403 error when an API request originates from one location (e.g. my remote server) and not from another location (e.g. my localhost). As I understand it, a 403 means that the authorization info (username and password) and request were valid and therefore are not at issue. Rather, bitbucket does think these credentials are sufficient to grant access. How could the same password and username be valid from requests from my localhost and not from my remote server?

401 UNAUTHORIZED Returned if the call requires authentication and either the credentials provided failed or no credentials were provided.
403 FORBIDDEN

Returned if the caller attempts to make a call or modify a resource for which the caller is not authorized. The request was a valid request, the caller's authentication credentials succeeded but those credentials do not grant the caller permission to access the resource.

One further detail of relevance. I noticed that if I change the password to something incorrect, I will get a 401 error from bitbucket when the requests originates from my localhost. However, when the request originates from my remote server with the bad password, I still get a 403 error, suggesting that BitBucket is forbidding the request even before it looks at the username and password.

Here's a link to an earlier question dealing with the same problem:

https://answers.atlassian.com/questions/133105/bitbucket-api-call-on-private-repository-working-for-local-machine-but-not-from-remote-server

Please help. I feel so frustrated and I don't know how to resolve this issue.

3 answers

1 accepted

This is the best answer I've gotten. This answers suggest that my remote server is behind a proxy and extra steps are required to solve it.

http://stackoverflow.com/questions/14591601/php-file-get-contents-authorization-header

However, I got so frustrated, I switched to using php's CURL library which gave me none of the trouble that I had when using the get_file_contents function.

http://stackoverflow.com/questions/14788138/using-json-data-from-curl-response

I hope these two possible solutions help someone else someday!

1 vote
Jason Worley Atlassian Team Mar 07, 2013

Greetings!

Is this still an issue for you? Are you using git or hg over SSH, or? Also, what is the exact error message you get? Although, it doesn't explain why it would work from point A versus point B, but if the error is "fatal: HTTP request failed", it is because you have exceeded your plan limit. This link discussed the 403 message in that context:

https://confluence.atlassian.com/pages/viewpage.action?pageId=321854562

The 403 was previously sent in a 402 message. I attached a previous posting that shows what the message would like like:

https://answers.atlassian.com/questions/142657/402-error-when-pushing

If this info is relevant to your situation, then just a guess, perhaps the API request from your localhost is somehow bumping you up past your limit. Offhand, I don't know exactly how, but its conceivable that the environments would be different from each other. For example, the remote server might be in a data center (behind firewall, using standards ports) and your localhost might be running at home (could be non-standard customizations, different OS, etc). If it makes sense, determine the differences and from that you might have some options to explore.

Cheers,

Jason | Atlassian

Why can I curl -u username:pass http://api.bitbucket.org/2.0/repositories/{user}/{repo}/refs/branches

but I cannot use javascript libraries like HTTP.get or meteor.  Curl works and HTTP.get yields a 403 forbidden error.  Is that an account setting?

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Jun 12, 2018 in Bitbucket

Do you use any Atlassian products for your personal projects?

After spinning my wheels trying to get organized enough to write a book for National Novel Writing Month (NaNoWriMo) I took my affinity for Atlassian products from my work life and decided to tr...

25,564 views 26 12
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you