Until recently, we had a CFML script which would pull down a complete zip file of our branch and parse it out to the server. The <cfhttp> tag attribute would look like this:
url="https://bitbucket.org/[account]/[project]/get/[branch].zip"
An Atlassian username and password was used, and everything worked fine. Obviously, we want to move to an APP PASSWORD account with reduced permissions - because our current method of using user credentials is going to be deprecated, right?
So, after playing around with permissions enough to get any response at all, we finally got this (the "contents" of the .zip file) from our latest attempt:
403 Forbidden
Your account is currently inactive. Because it's been a while since you logged in, you'll need to log in at https://bitbucket.org to get back in to your account.
I doubt that there's any way for an APP PASSWORD to actually "log in" at the bitbucket.org web site. This message seems like a red herring.
So I'm stumped. What is the server actually trying to tell us, what exactly are the permissions needed on an APP PASSWORD for our current endpoint above to continue working?
(We've tried Workplace=Read, Projects=Read, Repositories=Read, Pull requests=Read)
Thanks all,
Al
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.