API Tokens at Account Level Not Working

Bitbucket Development Bitbucket Cloud
1

Background: I was looking into API/Access Tokens for Bitbucket, because the App Passwords are deprecated. The workspace and pre-repo access tokens do work as expected.

There are also Atlassian account level API tokens. I’ve noticed that there are now scoped tokens there, and that included Bitbucket. The link on the API token explicitly points to the Bitbucket documentation:

image
image1686×738 62.8 KB

So, I created one with read scopes:

image
image1592×658 61.6 KB

However, when I use the created token, it does not work:

$ curl --request GET \
  --url 'https://api.bitbucket.org/2.0/repositories/RomanStoffel/test-repo' \
  --header 'Authorization: Bearer <the-token>' \
  --header 'Accept: application/json'

{"type": "error", "error": {"message": "Token is invalid, expired, or not supported for this endpoint."}}⏎

So, these tokens do not seem to actually work?

2 Likes
2

Short answer: You must use this token with a email as a basic auth password.

There is now a hint in the token creation dialog. Not sure if that hint is new or I just missed it:

image
image1354×868 97.7 KB

This refers to this documentation: Using API tokens | Bitbucket Cloud | Atlassian Support

So, use this token like this:

curl --request GET \
  --url 'https://api.bitbucket.org/2.0/repositories/RomanStoffel/test-repo' \
  --user 'your-email:<the-token>' \
  --header 'Accept: application/json'

Then it works =)

1 Like