I am trying to let users of my application post issues directly to a repository. To do this, I have set up an account for the application that also has access to the repository. Before creating an issue we need to get an authentication token as per this article. I am looking to use the OAuth2.0 Password grant type and the password I wish to use is my app password as opposed to my actual password. This is because with the app password I can manage the scope of access that the password has and if it were to get exposed it does not pose a major security risk.
Is this at all possible or should I be going about this in another way altogether?
Thank you for reaching out to Atlassian Community!
When creating an OAuth, you shouldn’t inform your password or an app password, so I would like to clarify where you are using a password. In case you would like to read the process to create an OAuth, you can access the following link:
What you could do is use an App password to authenticate this request instead of an OAuth.
Please feel free to correct me in case I have misunderstood something here.
Hi, @Caroline R
As per the link you sent, I'm using one of the four RFC-6749 grant flows, specifically the password grant type. I'm realizing now that If I'm to use the app password, I can't use it to get the OAuth token but I should be using basic authentication instead.
Thank you for the assistance!
Hi everyone, Are you Bitbucket DC customer? If so, we'd love to talk to you! Our team wants to dive deep to understand your long-term plans regarding Bitbucket DC and Atlassian Cloud. Do you plan...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events