Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Private snippet API not working as in docs

In docs written that we can access  snippet via 


curl --request GET \ --url '{workspace}/{encoded_id}/files/{path}' \ --header 'Authorization: Bearer <access_token>'


However that not works with private repository.

Steps to reproduce:

* Create snippet in your workspace and make visble to you only

* try curl '{workspace}/{encoded_id}/files/{path}' via your app/username(created via 'App password' in account)
* got 401, but  try curl '{workspace}/{encoded_id}/ is acessible

* make your snippet public

* try curl '{workspace}/{encoded_id}/files/{path}' without user(it works)

Also strange thing that I'm able to retrieve snippet's raw file when specifying sha({workspace}/{encoded_id}/{node_id}/files/{path}' ), but it strange,  and will change every time. But goal is to use snippet in scripts

2 answers

Hi @seanaty , Sorry still don't get, I already provided user. Will give you real examples:


This code works, returns 200, and content


# password created via 'App password' in account, here is just example of any user/pass combination


curl -L "<worksapce-id>/<encoded-id>/6d6fa27ad8606f5df7e41530811a910171e0bbf8/files/test" --user $SNIPPET_AUTH


This code returns 401, only difference is commit hash is absent. Use case for this, is that I want always get latest version of file.



curl -L "<worksapce-id>/<encoded-id>/files/test" --user $SNIPPET_AUTH



Hi @Serhii Serhiienko,

I have tested this with one of my own private snippets and it seems to work ok, e.g. this call gives me the latest version of my snippet:

curl -L<workspace-id>/<encoded-id>/files/mysnippet.txt --user username:app-password

For testing purposes, could you include your Bitbucket username and app-password in the curl command like in my example, instead of using the variable SNIPPET_AUTH you created?

Do you remember if the app password was created with permissions to read snippets?

Kind regards,

Hi @Theodora Boudale , created new account to share passwords,  here is call, user/pass are real, should return `test`

curl -L<workspace-id>/<encoded-id>/files/test --user Password:<app-password>

 returns 401 now. 
You can play with it, login to bibucket with cred <email>/<password>


Hi @Serhii Serhiienko,

For security reasons, we cannot use other users' credentials, even if they're of a test account, but I think I may see the reason for the 401.

In the curl call you provided in your last reply, you are using

--user Password:<app-password>

However, Password is the Full name of this test Bitbucket account, not its username. The username of a Bitbucket account can be found here (after you log in), next to the field named "Username" (not the "Name"):

Can you check if the curl call works if you use the Username listed in the link above?

Just a heads up, I removed emails and app passwords from your replies, as well as the workspace ids, for privacy reasons.

Kind regards,

Hi @Theodora Boudale , in initial question I already used username, just missed it with temp repository2022-01-20_08-36.png

0 votes
seanaty Atlassian Team Jan 10, 2022

401 means that you are unauthenticated. The problem is with your authentication, as you guessed.

An app password is not a Bearer token, you still need to provide your Bitbucket username like this:

--user 'my-username:my-app-password'

 I was curious about the --user param and checked to see what header curl was using with it and it looks like it does this:

authorization: Basic bXktdXNlcm5hbWU6bXktYXBwLXBhc3N3b3Jk

 The value there is 'my-username:my-app-password' but base64-encoded.

Hope this helps!

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events