Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Personal Access Token for Bitbucket Cloud?



I can only find documentation for personal access token for Bitbucket Server:


Is this functionality also available for Bitbucket Cloud?


Thank you

3 answers

2 votes
Ana Retamal Atlassian Team Jan 03, 2018

Hi David, apologies for the late response! I hope this answer will still help someone, so here it goes :)

Bitbucket Cloud does not have personal access tokens, but depending on what use you wanted to give them you can use App passwords or OAuth instead.

Would this suit you?



What is the reason behind lack of *personal access tokens* feature in Bitbucket cloud? 

As a developer, I find access tokens very handy when you are executing Git commands (i.e. clone, push, pull, etc). I use Github's personal access token on daily basis and it's super convenient. 

I guess I will have to disable 2FA in my bitbucket :( 

Hi @Raf, Bitbucket developer here.

I believe that App passwords that Ana referred to above are just what you're looking for. They were introduced exactly for the case when 2FA is turned on but some scoped access with basic auth is required.

Hope this helps.



Like # people like this

@Daniil Penkin - I'm curious why Atlassian didn't go with calling them "Personal access tokens"? :-)

Unlike personal access token app password is not enough to authenticate with Bitbucket Cloud, it also requires your username (login). So it is a password.

Like # people like this

@Daniil Penkin - thanks for the quick response!

I want to use personal access token to give AWS amplify access, with bitbucket cloud that is not possible, is there a workaround for.

Like # people like this

I have exactly the same case as @Yasar_Ertekin ! AWS amplify does not provide option to use App passwords! I'm even trying to find a way to automatically create access tokens but no luck!

I'm in the same situation also with AWS Amplify. It would be great if personal access tokens were available for BitBucket so they could be used with CloudFormation to create Amplify Apps.


With help from AWS support I've been able to create an Amplify App using a CloudFormation template and the AWS::Amplify::App resource.

I set up an OAuth consumer and using the client_credentials flow I was able to get a short-lived access token. Once I adjusted the OAuth consumer permissions/scopes appropriately (repository:admin webhook pullrequest) then it allowed an access token with appropriate permissions to be using in the OauthToken CloudFormation parameter combined with the Repository parameter with the Repo URL.

This created an Amplify App linked to the BitBucket Repo. There's a bit more effort involved but it works.

Dear Allan Oliveir,

I have been trying to replicate your suggestion workflow for creating AWS Amplify app. However, I am having trouble generating an access_token from BitBucket  following client_credentials flow or even getting an oauth_token.

Any assistance would be appreciated. Would be happy to provide any details needed.

Hi Stanimir,

So long as you've created an OAuth Consumer in your workspace with the correct permissions you should be able to generate short-lived access tokens as needed.

My implementation uses the endpoint with the key and secret and the client_credentials grant_type. An example below in Python.

response =
    auth=(f"{oauth_key}", f"{oauth_secret}"),

Also with CURL it's straight forward to test e.g.

curl -X POST --user <OAuth consumer Key>:<OAuth consumer Secret> -d grant_type=client_credentials


Hope that helps, let me know if you need anymore guidance.

Is this "hack" still working? I've got this every time

{"error_description": "Cannot use client_credentials with a consumer marked as \"public\". Calls for auto generated consumers should use urn:bitbucket:oauth2:jwt instead.", "error": "invalid_grant"}

I have an issue. I am not able to use the Jenkins generated access token in the webhook over at Bitbucket. Secondly, because I am not able to generate a personal access token in the bitbucket cloud, I am not able to intgrate Jenkins continuously. Please help. 

I am getting the error 403: No valid crumb issuer.

I have tried enabling CSRF protection and compatibility for proxies, but still upto no good. Please help.

It is like Bitbucket Cloud is in feature stage, I now lost time and many to find a workaround for this issue. for using *personal access tokens* feature in Bitbucket cloud.

Hello @Yasar_Ertekin,

Bitbucket Cloud doesn't have personal tokens (as in, single string), but it has app passwords (which meant to be used with your username replacing your regular password) and OAuth tokens instead.

Hope this helps.


I tried to use app passwords, in place of personal access token, as mentioned but I can't push the change to Bitbucket Cloud because of insufficient permission (according to the message). What should I do? Thanks

The app password does not have push permission.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

2,130 views 2 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you