Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Disable user access to install marketplace apps

Wanderley Teixeira October 22, 2019

Is it possible to restrict users from installing Marketplace apps in Bitbucket Cloud?

2 answers

1 vote
Inna S
Contributor
October 15, 2023

Hi, reviving the old thread here.

What @Ana Retamal is saying here is that a regular user, not having admin rights on a repository, can freely install any random 3rd-party app to the team workspace and there is nothing we can do about it.

Installation of an app to the workspace exposes the repo content to this application and if you let users add random apps, you effectively make the rest of your access control void.

How does this play with the Atlassian security obligations?

LQ October 17, 2023

Agreed we need a follow up here

0 votes
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 28, 2019

Hi Wanderley,

It is not possible to restrict Bitbucket Cloud users from installing apps in their accounts. That is something that every admin can do, and since Bitbucket users are the admins of their own accounts, they'll have that privilege.

Let us know if you have any other questions!

Kind regards,

Ana 

Wanderley Teixeira October 28, 2019

It is ok to have them installed on their own accounts for their private repos, but the problem is that users are part of a team, and when they install something like "Pipelines" it is available to everyone and the tab is there always. Is it possible to remove it?

Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 1, 2019

Hi Wanderley,

If some users are installing apps and everyone can see them, that's because they must be installing them in repositories that are part of the team, and not in their private repositories.

Could you send us a screenshot where the users can see those apps?

Best regards,

Ana

Wanderley Teixeira November 4, 2019

You can see the audit logs where a regular user installed "Pipelines" and it is shown in the installed apps on my account for all repos. I just want to not allow this to happen.Screen Shot 2019-11-04 at 10.02.46 AM.jpgScreen Shot 2019-11-04 at 10.02.36 AM.jpg

LQ August 4, 2021

Bump - I vote for a feature on this issue

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events