Hello,
when invoking REST API using App Password on https://api.bitbucket.org/2.0/user, the response headers' property x-oauth-scopes does not contain write-related scopes like repository:write or snippet:write, just the read-related headers repository, snippet
EDITED: this was caused by cache in browser and etag header being used. Thus the problem here is generally having access to the x-oauth-scopes header when in CORS mode. See my comment below.
I actually have generated App Password having selected all the available scopes, but the listed values in response headers do not show.
Why is it so and is there a way how to list all the scopes? I need to reflect the capabilities in the app I am writing.
Looks like cors related issue:
It seems that the response header
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Type, ETag, Last-Modified
should mention `X-OAuth-Scopes` which it does not, as far as I can tell.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.