Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,459,898
Community Members
 
Community Events
176
Community Groups

Using APIs to manage user access to repositories

Edited

Hi,

We wanted to reduce our interaction with Bitbucket UI and also setup a process to generate audit reports to better understand which users have access to which repositories and at what level of permissions.

I have been able to identify APIs that allow me to get the information needed to generate the audit reports, but I was unable to find any API that would allow us to give a specific user read/write/admin access to a repository.

Asking here just in case I missed something. 

Thanks!

2 answers

0 votes
Karthick S Atlassian Team Apr 14, 2022

Hello @N M

Thanks for the update and for providing more context. You may use the Invitation endpoint API  to add the user directly to the repository. The user will receive an invitation mail and they need to accept it. 

Sample CURL call:

curl -u  username:AppPassword --request POST https://api.bitbucket.org/1.0/invitations/workspace_ID/repo_slug --data permission=write --data email="emailID"

I hope this helps.

Kind regards,
Karthick S

Thanks for getting back with another solution @Karthick S . 

This solution only works partially. I am trying to manage all aspects of user access via APIs. I can only invite a user to join a repository via this API endpoint, but I can not:

  • Change the level of access, i.e. promote it from read to write or demote it from admin to read only etc.
  • Revoke access completely to a repository for a user directly given access to the repository (not via groups).

 

I understand these operations are possible on groups, but not on individual users. We'll basically like to be able to do CRUD on an individual user's permissions to repositories.

End goal is to manage user and group permissions via configuration stored outside of Bitbucket and using that configuration with Bitbucket APIs to manage user and team access to various repositories. We have many teams and no one to manage the day to day requests to grant/revoke repository access.

0 votes
Karthick S Atlassian Team Apr 14, 2022

Hello @N M

Thank you for reaching out to Atlassian Community. 

Currently, you may use group endpoint API to modify the permissions of a group. For example, the below CURL call would update the permissions for a given group.

curl --request PUT --user "username:Apppassword" --header "Content-Type: application/json" https://api.bitbucket.org/1.0/groups/WORKSPACE_ID/GROUP_SLUG --data '{"name":"group_slug","permission":"read","auto_add":true}'

I hope this helps.

Kind regards,
Karthick S

Thanks for the reply Karthick, but unfortunately, that doesnt help.

Question above is about giving permissions to a "specific" user, not a group. Apologies if it wasn't clear.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events