Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Personal Access Token

Andrea Pannitti
Andrea Pannitti
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 25, 2022

Hi all,
I was able to create a bitbucket project by REST API, using the following:

/rest/api/1.0/projects [POST]

With the following body:

{"key": "TEST", "name": "TestProject", "description": "Test"}

And using the Basic Authentication.

Now, I create a Personal Access Token for a Bitbucket user admin and I'm trying to call the same REST api to create another project using the Personal Access Token but in this case I receive an error 401 Unauthorized: You are not permitted to access this resource.

How could I solve this problem?

Thanks

Answer
Watch
Like Be the first to like this
908 views

2 answers

1 accepted

0 votes
Answer accepted
Andrea Pannitti
Andrea Pannitti
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 27, 2022

The problem is due to the fact that with token authentication it is possible to:

Create and fork repositories
Update project settings and permissions
Update repository settings and permissions
Push to repositories and perform pull request actions
Pull and clone repositories

But not to create projects.

Reply
0 votes
Idan Bidani
Idan Bidani October 25, 2022

Hi

Can you test a GET request? the token should be used in the same place the password was together with the username.

For ex. in curl it should look like this:

 

curl -s --user <userID>:<TOKEN> --request GET https://URL/rest/api/latest/projects?limit=10
View More Comments
Andrea Pannitti
Andrea Pannitti
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 26, 2022

Hi @Idan Bidani ,

no, I need to call in POST because I must create a new Project on Bitbucket and I want use the Personal Access Token because more secure of the Basic Authentication.

 

Regards

Like Markus Pietrek likes this
Markus Pietrek
Markus Pietrek
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 3, 2023

I would second that request. We also have to create projects and want to use HTTP access tokens for it.

With the current limitations we have to use the login password of a user with project admin permissions.This is a big security risk especially as we have to pass the credentials via IPC to the process creating the projects.

A token with just the capability for project creation and initial configuration would be best.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events