I have a workspace with multiple collaborators and multiple repos. One of the repo is used to collect the build artifacts of other repos, it acts as a central repository for getting the build artifacts. Following the instructions from Deploy build artifacts to Bitbucket Downloads , I have added the app password a collaborator as the workspace pipeline variable BB_AUTH_STRING. It makes sense then that when other upload their build artifacts with BB_AUTH_STRING, the uploader is showed as the one who offered his app password. Is there a way around this to know who was the real uploader of the build artifact?