I'm currently storing my Bitbucket HTTP access key in AWS Secrets Manager that is then pulled by Lambda functions to perform operations on the Bitbucket API. I need to be able to routinely rotate this access key - whether it be manually or programmatically.
Does the Bitbucket API offer an endpoint that allows me to generate a new access key from an existing access key? Or to generate refreshable access keys that come with refresh tokens?
Thanks for the response. That is unfortunate.
I do see that there exist endpoints to create access tokens under https://developer.atlassian.com/server/bitbucket/rest/v819/api-group-authentication/
These could be used as part of a rotation strategy.
Do you know what permission / authentication is required to make these API calls?
I attempted with a personal access token and got a 401 Unauthorized.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I believe you will need the Admin permission level on the respective object (project or repository) to invoke that particular API.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The HTTP personal access tokens - from my understanding - are just used to authenticate my user to the REST API and should replicate my account permissions.
When I visit, for example, the following URL in my browser logged into my account I get a 200 response : rest/access-tokens/latest/users/<user_slug>
When I use basic auth for the call, I also get a 200 response.
But when I use my generated HTTP access token to make that call, I get a 401 Unauthorized.
Am I misunderstanding the permissions that my personal access token has?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Do ignore me.
I just came across a section on your documentation:
Appears a token cannot be used to create a token. Also quite unfortunate.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.