Hello!
I can only find documentation for personal access token for Bitbucket Server: https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html
Is this functionality also available for Bitbucket Cloud?
Thank you
Hi David, apologies for the late response! I hope this answer will still help someone, so here it goes :)
Bitbucket Cloud does not have personal access tokens, but depending on what use you wanted to give them you can use App passwords or OAuth instead.
Would this suit you?
Cheers!
Ana
What is the reason behind lack of *personal access tokens* feature in Bitbucket cloud?
As a developer, I find access tokens very handy when you are executing Git commands (i.e. clone, push, pull, etc). I use Github's personal access token on daily basis and it's super convenient.
I guess I will have to disable 2FA in my bitbucket :(
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Raf, Bitbucket developer here.
I believe that App passwords that Ana referred to above are just what you're looking for. They were introduced exactly for the case when 2FA is turned on but some scoped access with basic auth is required.
Hope this helps.
Cheers!
Daniil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Daniil Penkin - I'm curious why Atlassian didn't go with calling them "Personal access tokens"? :-)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Unlike personal access token app password is not enough to authenticate with Bitbucket Cloud, it also requires your username (login). So it is a password.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Daniil Penkin - thanks for the quick response!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I want to use personal access token to give AWS amplify access, with bitbucket cloud that is not possible, is there a workaround for.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have exactly the same case as @Yasar Ertekin ! AWS amplify does not provide option to use App passwords! I'm even trying to find a way to automatically create access tokens but no luck!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I'm in the same situation also with AWS Amplify. It would be great if personal access tokens were available for BitBucket so they could be used with CloudFormation to create Amplify Apps.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Update:
With help from AWS support I've been able to create an Amplify App using a CloudFormation template and the AWS::Amplify::App resource.
I set up an OAuth consumer and using the client_credentials flow I was able to get a short-lived access token. Once I adjusted the OAuth consumer permissions/scopes appropriately (repository:admin webhook pullrequest) then it allowed an access token with appropriate permissions to be using in the OauthToken CloudFormation parameter combined with the Repository parameter with the Repo URL.
This created an Amplify App linked to the BitBucket Repo. There's a bit more effort involved but it works.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Allan Oliveir,
I have been trying to replicate your suggestion workflow for creating AWS Amplify app. However, I am having trouble generating an access_token from BitBucket following client_credentials flow or even getting an oauth_token.
Any assistance would be appreciated. Would be happy to provide any details needed.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stanimir,
So long as you've created an OAuth Consumer in your workspace with the correct permissions you should be able to generate short-lived access tokens as needed.
My implementation uses the https://bitbucket.org/site/oauth2/access_token endpoint with the key and secret and the client_credentials grant_type. An example below in Python.
response = requests.post(
url="https://bitbucket.org/site/oauth2/access_token",
auth=(f"{oauth_key}", f"{oauth_secret}"),
data={"grant_type":"client_credentials"}
)
Also with CURL it's straight forward to test e.g.
curl -X POST --user <OAuth consumer Key>:<OAuth consumer Secret> https://bitbucket.org/site/oauth2/access_token -d grant_type=client_credentials
Hope that helps, let me know if you need anymore guidance.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Is this "hack" still working? I've got this every time
{"error_description": "Cannot use client_credentials with a consumer marked as \"public\". Calls for auto generated consumers should use urn:bitbucket:oauth2:jwt instead.", "error": "invalid_grant"}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have an issue. I am not able to use the Jenkins generated access token in the webhook over at Bitbucket. Secondly, because I am not able to generate a personal access token in the bitbucket cloud, I am not able to intgrate Jenkins continuously. Please help.
I am getting the error 403: No valid crumb issuer.
I have tried enabling CSRF protection and compatibility for proxies, but still upto no good. Please help.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It is like Bitbucket Cloud is in feature stage, I now lost time and many to find a workaround for this issue. for using *personal access tokens* feature in Bitbucket cloud.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Yasar Ertekin,
Bitbucket Cloud doesn't have personal tokens (as in, single string), but it has app passwords (which meant to be used with your username replacing your regular password) and OAuth tokens instead.
Hope this helps.
Cheers,
Daniil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I tried to use app passwords, in place of personal access token, as mentioned but I can't push the change to Bitbucket Cloud because of insufficient permission (according to the message). What should I do? Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The app password does not have push permission.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.