API tokens | Bitbucket Cloud | Atlassian Support (original) (raw)

API tokens are user-based tokens for scripting tasks and integrating tools, for example CI/CD tools, with Bitbucket Cloud. They are the long term replacement for App passwords.

API tokens are designed to be used for a single purpose with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA).

API tokens are tied to an individual account's credentials and should not be shared. By sharing your API token you're giving direct, authenticated access to everything that the token has permissions to do with the Bitbucket APIs.

API token features

API tokens have the following features:

They can be used to authenticate API calls.
They have limited permissions (scopes), specified when the API token is created.
They can be further scoped to a particular Bitbucket Cloud workspace.
They are intended to be single purpose, rather than reusable.

API token limitations

API tokens have the following limitations:

They can'tbe used to manage workspace actions.
They can't be viewed or edited after they are created. They are intended to be replaced with a new API token rather than recovered or modified.
They can't be used to log in to your Bitbucket account at bitbucket.org

Atlassian Administration authentication policies

On Atlassian Administration, org admins have the ability to limit the creation of new API tokens for their managed users. However, this restriction does not extend to Bitbucket. Consequently, managed users are always permitted to create API tokens specifically for use with Bitbucket.

Was this helpful?

It wasn't accurateIt wasn't clearIt wasn't relevant

Still need help?

The Atlassian Community is here for you.