Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Rest API - Update a repository deploy key - return 403

vickos
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 26, 2023

Hi,

I am trying to use rest-API to update repository access key.

When calling this https://developer.atlassian.com/cloud/bitbucket/rest/api-group-deployments/#api-repositories-workspace-repo-slug-deploy-keys-key-id-put

The response is:

Response: 403 Forbidden
{"type": "error", "error": {"message": "This API is not accessible by this authentication mechanism"}}

Calling GET list deploy keys works fine

https://developer.atlassian.com/cloud/bitbucket/rest/api-group-deployments/#api-repositories-workspace-repo-slug-deploy-keys-get 

for both calls I am using access token with all available permissions 

Access token permissions:

Scopes

  • pipeline
  • pipeline:variable
  • pipeline:write
  • pullrequest
  • pullrequest:write
  • repository
  • repository:admin
  • repository:delete
  • repository:write
  • runner
  • runner:write
  • webhook

2 answers

1 accepted

1 vote
Answer accepted
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 28, 2023

Hello @vickos ,

Thank you for reaching out to Atlassian Community!

I'm afraid that currently Repository/project/workspace access tokens can't be used to authenticate API calls for POST/PUT/DELETE operation in the deploy-keys endpoint. I went ahead and created a feature request to add the ability to use this authentication mechanism : 

I would suggest you to add your vote there, since this helps both developers and product managers to understand the interest. Also, make sure you add yourself as a watcher in case you want to receive first-hand updates from that ticket. Please note that all features are implemented with this policy in mind.

While this feature is not implemented, the available authentication options for those endpoints are username and app password or OAuth access token. 

Thank you, @vickos !

Patrik S

0 votes
vickos
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 4, 2023

Thanks for your reply.

I was able to use  username and password to authenticate the API call, but I prefer not to use my own cerdinatial in the code.

How can I use OAuth access token, Do I need to use my username and password to create one or I can do it from the site? and how to limit the token's permissions?

What you think should be the best practice if I want automatically update access token after deploying my app to the server?

 

Tnx,

Vicko.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events