Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Private snippet API not working as in docs

In docs written that we can access  snippet via 

```

curl --request GET \ --url 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/files/{path}' \ --header 'Authorization: Bearer <access_token>'

```

However that not works with private repository.

Steps to reproduce:

* Create snippet in your workspace and make visble to you only

* try curl 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/files/{path}' via your app/username(created via 'App password' in account)
* got 401, but  try curl 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/ is acessible

* make your snippet public

* try curl 'https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/files/{path}' without user(it works)

Also strange thing that I'm able to retrieve snippet's raw file when specifying sha(https://api.bitbucket.org/2.0/snippets/{workspace}/{encoded_id}/{node_id}/files/{path}' ), but it strange,  and will change every time. But goal is to use snippet in scripts

2 answers

Hi @seanaty , Sorry still don't get, I already provided user. Will give you real examples:

 


This code works, returns 200, and content

```

# password created via 'App password' in account, here is just example of any user/pass combination

SNIPPET_AUTH=user:password

curl -L "https://bitbucket.org/api/2.0/snippets/<worksapce-id>/<encoded-id>/6d6fa27ad8606f5df7e41530811a910171e0bbf8/files/test" --user $SNIPPET_AUTH

```


This code returns 401, only difference is commit hash is absent. Use case for this, is that I want always get latest version of file.

```

SNIPPET_AUTH=user:password

curl -L "https://bitbucket.org/api/2.0/snippets/<worksapce-id>/<encoded-id>/files/test" --user $SNIPPET_AUTH

```

 

Hi @Serhii Serhiienko,

I have tested this with one of my own private snippets and it seems to work ok, e.g. this call gives me the latest version of my snippet:

curl -L https://api.bitbucket.org/2.0/snippets/<workspace-id>/<encoded-id>/files/mysnippet.txt --user username:app-password

For testing purposes, could you include your Bitbucket username and app-password in the curl command like in my example, instead of using the variable SNIPPET_AUTH you created?

Do you remember if the app password was created with permissions to read snippets?

Kind regards,
Theodora

Hi @Theodora Boudale , created new account to share passwords,  here is call, user/pass are real, should return `test`

curl -L https://api.bitbucket.org/2.0/snippets/<workspace-id>/<encoded-id>/files/test --user Password:<app-password>

 returns 401 now. 
You can play with it, login to bibucket with cred <email>/<password>

2022-01-19_07-35_1.png

Hi @Serhii Serhiienko,

For security reasons, we cannot use other users' credentials, even if they're of a test account, but I think I may see the reason for the 401.

In the curl call you provided in your last reply, you are using

--user Password:<app-password>

However, Password is the Full name of this test Bitbucket account, not its username. The username of a Bitbucket account can be found here (after you log in), next to the field named "Username" (not the "Name"):

Can you check if the curl call works if you use the Username listed in the link above?

Just a heads up, I removed emails and app passwords from your replies, as well as the workspace ids, for privacy reasons.

Kind regards,
Theodora

Hi @Theodora Boudale , in initial question I already used username, just missed it with temp repository2022-01-20_08-36.png

0 votes
seanaty Atlassian Team Jan 10, 2022

401 means that you are unauthenticated. The problem is with your authentication, as you guessed.

An app password is not a Bearer token, you still need to provide your Bitbucket username like this:

--user 'my-username:my-app-password'

 I was curious about the --user param and checked to see what header curl was using with it and it looks like it does this:

authorization: Basic bXktdXNlcm5hbWU6bXktYXBwLXBhc3N3b3Jk

 The value there is 'my-username:my-app-password' but base64-encoded.

Hope this helps!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

📣 Calling Bitbucket Data Center customers to participate in research

Hi everyone, Are you Bitbucket DC customer? If so, we'd love to talk to you! Our team wants to dive deep to understand your long-term plans regarding Bitbucket DC and Atlassian Cloud. Do you plan...

239 views 2 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you