Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,359,785
Community Members
 
Community Events
168
Community Groups

Create a repository OAuth scopes required: repository:admin - bitbucket cloud api

Hi Guys

I have been wondering isn't that a risk giving admin permission to OAuth consumer on the entire workspace  

when creating repository do i have to be an admin ... ? 

can you supply justifications and alternative ways to reduce risk here.... ?

Thanks

Eyal

1 answer

1 accepted

0 votes
Answer accepted
Norbert C Atlassian Team Jan 03, 2022

Hi Eyal,

Thank you for contacting Atlassian Community. My name is Norbert and I'm a Bitbucket Cloud Support Engineer, it's nice to meet you!

I would like to confirm that you're correct. To be able to create a repository in Bitbucket Cloud, you need to create an OAuth consumer, which has a "repository:admin" permission, otherwise you would get an error message which would tell you, that your OAuth key doesn't have the necessary scopes for repository creation.

I'm afraid there's no alternative ways to reduce the risks here. In case you create OAuth consumer and key with a repository:admin permission, I'd suggest you to not to share this key with anyone else.

Please let us know if you have any further question? We're here to help.

Best Regards,
Norbert
Atlassian Bitbucket Cloud Support

Hi Norbert C

thank you for your fast response and i understand that it can't be achieved.

for more i have problems to git push via the api after i created the repository ...is there and documentation it only show the clone command i need to be able to do git commit push

$ git clone https://x-token-auth:{access_token}@Bitbucket.org/user/repo.git

this is the clone ....  

Norbert C Atlassian Team Jan 04, 2022

Hi @Eyal David 

To be able push using an access token, what I would like to recommend you is to change the .git/config file in the cloned repository, add the following line into the config file under the [remote "origin"] section:

url = https://x-token-auth:AUTHTOKEN@bitbucket.org/workspace/repository

Please let me know how it goes.

Best Regards,
Norbert
Atlassian Bitbucket Cloud Support 

Hi 

this exactly what i have 

[remote "origin"]
 url = https://x-token-auth:MYTOKEN@bitbucket.org/mycompanyworkspace/MYGENERATEDREPO.git
 fetch = +refs/heads/*:refs/remotes/origin/*

any idea ? 

Thanks 

Norbert C Atlassian Team Jan 05, 2022

Hi @Eyal David ,

This looks good. Can you let me know what happens when you do a "git push" once you have your config setup like this?

Hi @Norbert C

remote: Your credentials lack one or more required privilege scopes.
10:51:38  fatal: unable to access 'https://bitbucket.org/mycompanyworkspace/MYGENERATEDREPO.git/'

: The requested URL returned error: 403

 this is what im getting .... BTW the repository is being generated from api ...kind of trying to implement create git repository --- add,commit,push 

 

tried this example as well and got the same error

https://support.atlassian.com/bitbucket-cloud/docs/push-back-to-your-repository/

 

# Configure git to use the oauth token.

- git remote set-url origin "https://x-token-auth:${access_token}@bitbucket.org/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}"

# Make changes and commit back. - echo "Made a change in build ${BITBUCKET_BUILD_NUMBER}" >> changes.txt -

git add changes.txt

- git commit -m "[skip ci] Updating changes.txt with latest build number."

- git push

 

Thanks

 

Eyal

Hi @Norbert C 

another question .. trying to set the repository generate by api as private

is_private : true  with no success ... im using OAUTH .... 

thanks

Eyal

@Norbert C 

any idea how can i continue here ? 

Norbert C Atlassian Team Jan 07, 2022

Hi @Eyal David ,

Please excuse me for the late reply, I was out of office yesterday.

Can you let me know whether your OAuth consumer and key has the "repository:write" scope? 

Based on my observation from your error message, I suspect your OAuth consumer doesn't have this scope and that's why it fails.

When I've tried it with the following scope, I was able to push to the repository

oauthscopes.png

Please let me know, Eyal.

Best Regards
Norbert
Atlassian Bitbucket Cloud Support

@Norbert C indeed i was missing write permissions i thought that when you have admin permission you get the writ by default .... so thanks for this. .... realy helped me ... 

for more by any chance do you know how can i create my repository as private 

 

as i wrote above i did try is_private : true  with no success...

can you please help with this as well ?

Thank you very much !!!

@Norbert C created another question for is_private : true

Thank you very much for your help

Norbert C Atlassian Team Jan 10, 2022

You're welcome @Eyal David , I'm glad to hear I was able to help

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

3,449 views 3 10
Read article

Atlassian Community Events