Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,644,725
Community Members
 
Community Events
196
Community Groups

Retrieve list of users with two step verification enabled on Bitbucket

Hello - At our organization, we are trying to get all the employees to enable 2FA for their bitbucket accounts. We are looking for a way to validate if a user has enabled 2FA or not. At the moment, i can get this done only in 1 way, that is by getting Atlassian Access - I can enforce and get a report from Managed Accounts page.

 

Is there an API or a place that can provide generate a report of al users who enabled 2FA themselves on Bitbucket?

3 answers

I am addressing this currently in 2 steps:

Step 1:

Running the curl requests (for page 1 and page 2 - because I know the number of users on our account is less than 200. Number of users per page is hard limited to 100 by Atlassian)

 

curl -s --user <Username>:<ApiKey> "https://api.bitbucket.org/2.0/teams/<Org>/members?pagelen=100&page=1" | json_pp | pbcopy

 

curl -s --user <Username>:<ApiKey> "https://api.bitbucket.org/2.0/teams/<Org>/members?pagelen=100&page=2” | json_pp | pbcopy

Paste the contents in an excel after each curl request

Step2:

Apply filters and look for has_2fa_enabled flag for each user and filter them 

 

To make my life easier I wrote a py script that can do this for me and send list to slack channel. 

How do I generate the API keys, the password didnt work here ? and this api endpoint still working. The docs says its deprecated.

Leonardo H
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jun 27, 2022

Hey @suraj !

Just came across this thread and found that your question was left unanswered, I hope you have already found how API Keys can be generated.

In case not, here are some resources that can help you with this:

API Keys for Organizations:

  1. Access to admin.atlassian.comSelect the correct organization if you have more than one.

  2. Go to Settings > API keys.

  3. Click Create API key in the top right.

  4. Enter a name that you’ll remember to identify the API key.

  5. Change the expiration date if you'd like by picking a new date under Expires on. By default, the key expires one week from the creation date.

  6. Select Create to save the API key.

  7. Copy the values for your Organization ID and API key. You'll need those to use the API key.

 

Keep in mind it isn't possible to view the token after closing the creation dialog for security purposes.

 

API Keys For Products:

To create an API Key to use in your Atlassian Cloud products, you must:

  1. Log in to https://id.atlassian.com/manage-profile

  2. Navigate to Security and click "Create and manage API tokens"

  3. Click Create API token.

  4. From the dialog that appears, enter a memorable and concise Label for your token and click Create.

  5. Click Copy to clipboard, then paste the token to your script, or elsewhere to save

You can find more information about those in the following help articles:

That would help me a lot at this point

0 votes
Daniil Penkin
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Oct 15, 2019

Hello @Ganesh Narasimhadevara,

Thanks for reaching out.

I'm not sure there's a reporting mechanism available for this yet. However, you can enforce two-factor authentication for a Bitbucket team if it is on a Premium plan.

Hope this helps.

Cheers,
Daniil

That would be an extremely interesting feature to be added

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events