Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Using XCode I can't push changes: "Authentication failed"

contracorner October 3, 2019

I used Tower (3.5.1) to sign into my Bitbucket account and make some change to another repo. Went back to XCode (11.2 beta) on macOS (10.14.6) to push changes for a second repo and started to get "Authentication failed because the credentials were rejected".

The sheet shows the address starting with "https://x-token-auth@bitbucket.org/", a Login popup menu with "Username and Password" (or "Add Bitbucket Cloud account"), a User Name field disabled and set to x-token-auth, and a Password field. I fill in the password I just used with Tower, but it fails still.

Adding a Bitbucket Cloud account is a mystery. It prompts for an Account and Password, but whether I use my email address or username, and that password, it still fails.

Sourcetree fails like XCode does. Tower still works, lucky son-of-a. So I'm not dead. What did Tower do to shut out Sourcetree and XCode? I used OAuth authentication in Tower, not Basic Auth.

2 answers

1 accepted

0 votes
Answer accepted
Daniil Penkin
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 3, 2019

Hello @contracorner,

Thanks for reaching out!

The x-token-auth is one of the ways to authenticate with Bitbucket (to use REST API or to pull a repository, for instance).

I believe what happened is you cloned the repository with Tower which used OAuth token rather than your regular Bitbucket credentials, so the remote URL for your repository now has that x-token-auth as username. Now, obviously Tower was passing the OAuth access token along with every request to Bitbucket without saving it to the repo remote URL (otherwise it would look like https://x-token-auth:<oauth_access_token>@bitbucket.org). This makes sense because of a) security aspect and b) access tokens don't live long, so that'd require to change remote URL every now and then.

As a result, nothing but Tower knows that OAuth access token which acts as a password and the refresh token which is used to get new access tokens when needed. This is why Xcode or SourceTree can't pull or push from this local copy. You'll see the same error if you try running any command in the command line too.

There're two ways to deal with this: either simply clone a fresh local copy of the repository (easier but might require some reconfiguration of you local dev environment) OR change the remote URL of your current local copy of the repository.

To do the latter:

  • First thing, let's verify I correctly identified the problem. Run this command in your repo:
    git remote -v
    It should print two lines for each remote registered with your repository, so most likely just two lines in your case. If they reference that URL with x-token-auth, my assumption was correct and you can continue with the steps below.
  • Now you need to grab your repository clone URL. The easiest option is to navigate to Bitbucket UI and click Clone button which will show the preferred URL: it might be SSH if you have SSH key configured in your account, or HTTPS (and you can always manually select which one to use). On my screenshot SSH is selected:

     atlaskit-mk-2 — Bitbucket 2019-10-04 12-49-03.png
  • Now you need to set that URL as the remote URL for your local copy. You can run it in the command line while in your repository:
    git remote set-url origin git@bitbucket.org:atlassian/atlaskit-mk-2.git
    The name of the remote origin here should match what you've seen in the output in the first step. Most likely it will be origin – this is the default.

    You can also do this operation with any of the aforementioned GUI tools: Tower, Xcode and SourceTree.
  • Now you can try pulling/pushing again. If you chose HTTPS URL, you will be prompted to enter your password. The GUI tools will likely suggest to securely save it for future operations. Command line can be configured to cache it as well, this depends on your Git client configuration.


I hope this helps you to resolve the issue. Let me know if you have any questions.

Cheers,
Daniil

contracorner October 4, 2019

So that's the gotcha with OAuth and multiple clients. Thanks for the clear explanation and fix steps.

When I get a breather I should look into app passwords.

Like jhokit likes this
0 votes
吴晗 September 10, 2023

You may try to update your Git version or /and  download MCMW.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events