Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Create a repository OAuth scopes required: repository:admin - bitbucket cloud api

Hi Guys

I have been wondering isn't that a risk giving admin permission to OAuth consumer on the entire workspace  

when creating repository do i have to be an admin ... ? 

can you supply justifications and alternative ways to reduce risk here.... ?

Thanks

Eyal

1 answer

1 accepted

0 votes
Answer accepted
Norbert C Atlassian Team Jan 03, 2022

Hi Eyal,

Thank you for contacting Atlassian Community. My name is Norbert and I'm a Bitbucket Cloud Support Engineer, it's nice to meet you!

I would like to confirm that you're correct. To be able to create a repository in Bitbucket Cloud, you need to create an OAuth consumer, which has a "repository:admin" permission, otherwise you would get an error message which would tell you, that your OAuth key doesn't have the necessary scopes for repository creation.

I'm afraid there's no alternative ways to reduce the risks here. In case you create OAuth consumer and key with a repository:admin permission, I'd suggest you to not to share this key with anyone else.

Please let us know if you have any further question? We're here to help.

Best Regards,
Norbert
Atlassian Bitbucket Cloud Support

Hi Norbert C

thank you for your fast response and i understand that it can't be achieved.

for more i have problems to git push via the api after i created the repository ...is there and documentation it only show the clone command i need to be able to do git commit push

$ git clone https://x-token-auth:{access_token}@Bitbucket.org/user/repo.git

this is the clone ....  

Norbert C Atlassian Team Jan 04, 2022

Hi @Eyal David 

To be able push using an access token, what I would like to recommend you is to change the .git/config file in the cloned repository, add the following line into the config file under the [remote "origin"] section:

url = https://x-token-auth:AUTHTOKEN@bitbucket.org/workspace/repository

Please let me know how it goes.

Best Regards,
Norbert
Atlassian Bitbucket Cloud Support 

Hi 

this exactly what i have 

[remote "origin"]
 url = https://x-token-auth:MYTOKEN@bitbucket.org/mycompanyworkspace/MYGENERATEDREPO.git
 fetch = +refs/heads/*:refs/remotes/origin/*

any idea ? 

Thanks 

Norbert C Atlassian Team Jan 05, 2022

Hi @Eyal David ,

This looks good. Can you let me know what happens when you do a "git push" once you have your config setup like this?

Hi @Norbert C

remote: Your credentials lack one or more required privilege scopes.
10:51:38  fatal: unable to access 'https://bitbucket.org/mycompanyworkspace/MYGENERATEDREPO.git/'

: The requested URL returned error: 403

 this is what im getting .... BTW the repository is being generated from api ...kind of trying to implement create git repository --- add,commit,push 

 

tried this example as well and got the same error

https://support.atlassian.com/bitbucket-cloud/docs/push-back-to-your-repository/

 

# Configure git to use the oauth token.

- git remote set-url origin "https://x-token-auth:${access_token}@bitbucket.org/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}"

# Make changes and commit back. - echo "Made a change in build ${BITBUCKET_BUILD_NUMBER}" >> changes.txt -

git add changes.txt

- git commit -m "[skip ci] Updating changes.txt with latest build number."

- git push

 

Thanks

 

Eyal

Hi @Norbert C 

another question .. trying to set the repository generate by api as private

is_private : true  with no success ... im using OAUTH .... 

thanks

Eyal

@Norbert C 

any idea how can i continue here ? 

Norbert C Atlassian Team Jan 07, 2022

Hi @Eyal David ,

Please excuse me for the late reply, I was out of office yesterday.

Can you let me know whether your OAuth consumer and key has the "repository:write" scope? 

Based on my observation from your error message, I suspect your OAuth consumer doesn't have this scope and that's why it fails.

When I've tried it with the following scope, I was able to push to the repository

oauthscopes.png

Please let me know, Eyal.

Best Regards
Norbert
Atlassian Bitbucket Cloud Support

@Norbert C indeed i was missing write permissions i thought that when you have admin permission you get the writ by default .... so thanks for this. .... realy helped me ... 

for more by any chance do you know how can i create my repository as private 

 

as i wrote above i did try is_private : true  with no success...

can you please help with this as well ?

Thank you very much !!!

@Norbert C created another question for is_private : true

Thank you very much for your help

Norbert C Atlassian Team Jan 10, 2022

You're welcome @Eyal David , I'm glad to hear I was able to help

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

📣 Calling Bitbucket Data Center customers to participate in research

Hi everyone, Are you Bitbucket DC customer? If so, we'd love to talk to you! Our team wants to dive deep to understand your long-term plans regarding Bitbucket DC and Atlassian Cloud. Do you plan...

178 views 2 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you