Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

REST API 2.0 to merge a Pull Request is throwing write access error

Dhiraj Sittu
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 1, 2023

Hi All,

I'm trying to hit the following curl:

curl --location --request POST 'https://api.bitbucket.org/2.0/repositories/<workspace>/<repo>/pullrequests/1493/merge' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{

}'

I have created the access_token from Repository settings > Access tokens for this repo, on Bitbucket Cloud website. All the permissions are checked except Delete repo.

I'm getting the following error response:

{
"type""error",
"error": {
"message""newstatus: Merging a pull request requires write access to the destination branch.",
"fields": {
"newstatus": [
"Merging a pull request requires write access to the destination branch."
]
}
}
}
I'm getting the option to Merge the PR from the UI but API is failing.
I've attached the permissions screenshot.
Screenshot 2023-03-01 at 7.52.02 PM.png

2 answers

0 votes
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 3, 2023

Hi @Dhiraj Sittu and welcome to the community!

If the screenshot you shared is from the PR's destination branch, then the reason you are getting this error message is that merge of PRs is restricted only to certain users.

Repository access tokens are not associated with the user that generated them or with any other user. They also cannot be added to a branch restriction, so you won't be able to merge this PR with a Repository access token (RAT) as long as this branch restriction exists.

Merging a PR via API with a RAT is possible as long as PR merging is not restricted to certain users and everyone is allowed to merge.

If you would like to keep the branch restriction for PR merging, then the only way to merge the PR with an API call is by using the authentication details of a user who has permission to merge the PR:

curl -u BB_Username:App_Password -X POST 'https://api.bitbucket.org/2.0/repositories/<workspace-id>/<repo>/pullrequests/<pr_id>/merge'

where

BB_Username is the username of a Bitbucket Cloud user who has permission to merge PRs to the destination branch
App_Password is an app password for that user's account, that has Pull requests: Write permissions

We have a feature request for allowing admins to add a Repository access token to branch restrictions:

I would suggest adding your vote (by selecting the Vote for this issue link) and commenting on the feature request to give it more weight and further express your interest. You can also add yourself as a watcher (by selecting the Start watching this issue link) if you'd like to get notified via email on updates. Implementation of new features is done as per our policy here and any updates will be posted in the feature request.

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

0 votes
Ulrich Kuhnhardt _IzymesCo_
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
March 2, 2023

Hello Dhiraj, Welcome to the community!

I hope I can help: The request authorization header can be 

  1. "Bearer: <bearer_token>" or
  2. "Basic: <base64(<username>:<access_token>)>"

If you try to send the same curl request with `curl -u "<username:accessToken>" .....` you should get the Auth header for free.

Good luck and let me know how you go!

Best, Ulrich

// Izymes

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events