Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Is it possible to authenticate as a specific user in a script if 2FA is enabled for the user?

I'd like to automate portions of a branching, tagging, and merging strategy. I'd like to create branches, get diffs between two branches, check for open Pull Requests, apply tags, push those branches to Bitbucket, and open Pull Requests. However, many of these actions require authenticating and authorizing a user, and I'd like them to be authorized against a particular user so when the changes are pushed to Bitbucket, you can see the person who ran the scripts that took the actions (for traceability).

I see ways to authenticate a user with their username and password, but these methods are documented as not working with 2FA turned on. Other methods are about authenticating the application and not a user of the system, which I'm not sure is acceptable in the context.

1 answer

0 votes

Hello @Tom Owens,

Thanks for reaching out.

You're right, regular credentials won't work when 2FA is enabled. In this case you have two options to authenticate API calls:

  • app password – it works together with your username and can be scoped to only some functionality of Bitbucket
  • OAuth 2.0 (look for 3-LO flow) – this is more complicated, but many tools already support this auth method. This is a better option from security perspective as the token you're authenticating requests with is short-lived.

Hope this helps. Let me know if you have any questions.

Cheers,
Daniil

I can take a deeper look at the 3-LO flow, but this is for a script that doesn't run in a browser, so it may take a bit of extra work to get that working. I think the first step is to see what functionality app password provides - that may be sufficient.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Powering DevOps with Bitbucket Server & Data Center

Hi everyone, The Cloud team recently announced 12 new DevOps features that help developers ship better code, faster   ! While we’re all excited about the new improvements to Bitbucket ...

1,849 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you