I'd like to automate portions of a branching, tagging, and merging strategy. I'd like to create branches, get diffs between two branches, check for open Pull Requests, apply tags, push those branches to Bitbucket, and open Pull Requests. However, many of these actions require authenticating and authorizing a user, and I'd like them to be authorized against a particular user so when the changes are pushed to Bitbucket, you can see the person who ran the scripts that took the actions (for traceability).
I see ways to authenticate a user with their username and password, but these methods are documented as not working with 2FA turned on. Other methods are about authenticating the application and not a user of the system, which I'm not sure is acceptable in the context.
Hello @Tom Owens,
Thanks for reaching out.
You're right, regular credentials won't work when 2FA is enabled. In this case you have two options to authenticate API calls:
Hope this helps. Let me know if you have any questions.
Cheers,
Daniil
I can take a deeper look at the 3-LO flow, but this is for a script that doesn't run in a browser, so it may take a bit of extra work to get that working. I think the first step is to see what functionality app password provides - that may be sufficient.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.