I used Tower (3.5.1) to sign into my Bitbucket account and make some change to another repo. Went back to XCode (11.2 beta) on macOS (10.14.6) to push changes for a second repo and started to get "Authentication failed because the credentials were rejected".
The sheet shows the address starting with "https://x-token-auth@bitbucket.org/", a Login popup menu with "Username and Password" (or "Add Bitbucket Cloud account"), a User Name field disabled and set to x-token-auth, and a Password field. I fill in the password I just used with Tower, but it fails still.
Adding a Bitbucket Cloud account is a mystery. It prompts for an Account and Password, but whether I use my email address or username, and that password, it still fails.
Sourcetree fails like XCode does. Tower still works, lucky son-of-a. So I'm not dead. What did Tower do to shut out Sourcetree and XCode? I used OAuth authentication in Tower, not Basic Auth.
Hello @contracorner,
Thanks for reaching out!
The x-token-auth is one of the ways to authenticate with Bitbucket (to use REST API or to pull a repository, for instance).
I believe what happened is you cloned the repository with Tower which used OAuth token rather than your regular Bitbucket credentials, so the remote URL for your repository now has that x-token-auth as username. Now, obviously Tower was passing the OAuth access token along with every request to Bitbucket without saving it to the repo remote URL (otherwise it would look like https://x-token-auth:<oauth_access_token>@bitbucket.org). This makes sense because of a) security aspect and b) access tokens don't live long, so that'd require to change remote URL every now and then.
As a result, nothing but Tower knows that OAuth access token which acts as a password and the refresh token which is used to get new access tokens when needed. This is why Xcode or SourceTree can't pull or push from this local copy. You'll see the same error if you try running any command in the command line too.
There're two ways to deal with this: either simply clone a fresh local copy of the repository (easier but might require some reconfiguration of you local dev environment) OR change the remote URL of your current local copy of the repository.
To do the latter:
git remote -vIt should print two lines for each remote registered with your repository, so most likely just two lines in your case. If they reference that URL with x-token-auth, my assumption was correct and you can continue with the steps below.
git remote set-url origin git@bitbucket.org:atlassian/atlaskit-mk-2.gitThe name of the remote origin here should match what you've seen in the output in the first step. Most likely it will be origin – this is the default.
I hope this helps you to resolve the issue. Let me know if you have any questions.
Cheers,
Daniil
So that's the gotcha with OAuth and multiple clients. Thanks for the clear explanation and fix steps.
When I get a breather I should look into app passwords.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.