I have a question about Rest API authentication and permissions. From my server, I'd like to trigger a pipeline using the API call. From what I see it requires a username and a password. I could use my credentials or app password. However, I'd prefer to avoid it since it'd give access to other repositories as well if I understood it correctly. This could cause quite a damage if some naughty person would put his hands on it. And since it'd be somewhere on the server, in theory, it's possible. I saw the Authentication Documentation but from what I understand it's mostly for the add-ons and the browser authentication which is not usable for me since the call is supposed to happen "behind the curtains".
Thus, my question is, is it possible to obtain credentials that are limited to a certain repo with certain scope? I know I could create a separate user but that'd cause some extra costs which I'd also like to avoid.
I hope I haven't missed anything from the documentation, if so I'd be thankful for pointing me to the right page.
Hi everyone, Are you Bitbucket DC customer? If so, we'd love to talk to you! Our team wants to dive deep to understand your long-term plans regarding Bitbucket DC and Atlassian Cloud. Do you plan...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events