My company has been using Bitbucket API for an Issue Tracker for a while now, and recently new employees are unable to work with our tracker system, which pulls and edits issues through the OAuth 2.0 api. We have them set up a OAuth Consumer on their personal workspace using the steps detailed in this help page. https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/.
However, users who created Bitbucket accounts since the recent Bitbucket change last year which stopped giving users a Default Workspace linked to their user account, are unable to access any of the repositories outside of the Workspace they created. And if we give them admin access to the workspace we want them to have access for, the api no longer registers that OAuth Consumer with the name of the person on the account (as it did when it was their "personal" repository).
I looked a bit into Access Tokens, but it doesn't appear that Access Tokens are what we are looking for, especially since there is no way to allow access to issue through the Repository Access Token. Is there still a way to do what I am trying to do where we set up an OAuth Consumer, which works across all workspaces the user has access to, rather than just the individual workspace it is made on?
Hello @bdbowen, and thank you for reaching out to the Community!
As you correctly stated, Personal Workspaces are a legacy feature now, and they are no longer created when a user signs up for Bitbucket Cloud. Users can still manually create workspaces, but their new workspaces are all considered shared/team workspaces.
OAuth consumers created in the legacy personal workspace represent the user account to which it's tied. This is the reason why those OAuth credentials worked across different workspaces.
OAuth consumers created in a shared/team workspace represented the workspace itself, so its scope is limited to the workspace where it was created.
The workaround I would suggest is for the new users to use basic authentication when interacting with the Issues API. Example request using basic auth to list the issues under a workspace:
curl --request GET -u USERNAME:APP_PASSWORD --url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/issues'
Where:
Basic authentication uses user-level credentials, which means that if you grant the user access to that repository, they can use basic authentication to interact with the API and make changes to that repo.
I hope that helps! Should you have any questions, feel free to ask.
Thank you, @bdbowen !
Patrik S
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.