Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

JWT Token generated always results in 401 Unauthenticated

nithin bodanapu
nithin bodanapu
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 4, 2023

I have created a developer app and set the authentication to JWT as seen below.

 

{
  "key": "com.<product_name>",
"name": "<Product Name>",
"description": "Product Desctiption....",
"vendor": {
"name": "Slik"
},
"baseUrl": baseUrl,
"lifecycle": {
"installed": f"{baseUrl}/installed",
"uninstalled": f"{baseUrl}/uninstalled"
},
"authentication": {
"type": "JWT"
},
"scopes": ["webhook", "repository"],
"modules": {
"webhooks": [
{
"event": "repo:push",
"url": "/webhook_listener"
}
]
}
}

 

 

When I create the app, I get a client_id and client_secret and once I connect the app to a workspace, I get the following info

 

key: <Same as Above>

clientKey: 
ari:cloud:bitbucket::app/<Workspace UUID>/<key (same as above)>
publicKey: <Public Key>
sharedSecret: <client_secret>

 

While trying to generate the JWT Token I am using the python library atlassian_jwt as follows:

 

import atlassian_jwt
token = atlassian_jwt.encode_token(http_method="GET", url="https://api.bitbucket.org/2.0/repositories/<workspace name>/<repo name>/diff/96c7b8e", clientKey=<clientKey that was generated above>, sharedSecret="<Shared Secret from above>")

The token I get here, when used to make the call to the URL "https://api.bitbucket.org/2.0/repositories/<workspace name>/<repo name>/diff/96c7b8e" results in a 401 unauthorised error. 

 

Kindly let me know if I there is a mistake of some kind here which is causing this problem

 

 

 

Answer
Watch
Like Be the first to like this
324 views

1 answer

0 votes
Patrik S
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 5, 2023

Hello @nithin bodanapu and welcome to the Community!

The Bitbucket Cloud API documentation has a section containing instructions on how to exchange the JWT connect token for an OAuth access token that can then be used to make requests to Bitbucket Cloud API :

If after following those instructions you are still facing issues with the authentication, since this is more of an app development question, as you are using a developer app to authenticate, I would suggest reaching out to our community dedicated to developers: 

as they will have more expertise on this topic.

Thank you, @nithin bodanapu  !

Patrik S

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events