Thanks Mikael for the reply.

Yes, the user is part of stash-users group that has Bitbucket User checkbox selected in global permissions. I thought the user should get created automatically if I select create users on logon option and provide stash-users as default group but it didn't work. I then created user manually and added it to the stash-users group. Everytime it throws the same error: Invalid username or password.

Checked the logs: No info except audit log has authentication error: AuthenticationFailureEvent | AD user name | 1576186223814

Does the user name input (the distinguished name of user that app will use when connecting to directory server) need any additional privileges? Currently I have set it to my AD user name. 

The user that is being used to connect to the AD in the user directory just needs read access.

Did the user exist in the Bitbucket internal directory before you added the delegated directory? Which directory is first in your list, the internal or the delegated one?

I have not used the delegated option for a user directory, I use AD directories with local groups instead, that way if a user gets updated in the AD it will be reflected in Bitbucket on the next sync.

As a test try and add a new directory that is using AD instead of delegated, once you have that setup you can use Test to verify that Bitbucket can communicate with your AD correctly and get the user. The directory does not have to be enabled in order to use the Test.

If the test is successful you should see something like this:

Thanks Mikael. This one worked.