Enhanced API Authentication for Bitbucket with OAuth/JWT

by miniOrange

works with Bitbucket Server 5.5.0 - 8.19.18, Bitbucket Data Center 5.5.0 - 9.6.5 and more

30 Day Data Center trial · One trial per customer.
Additional time may be available from the app vendor.

OVERALL RATINGS
DOWNLOADS
SUPPORT: Partner Supported

Overview

Reviews

Pricing

Privacy & Security

Support

Installation

Key highlights of the appUse API tokens, OAuth/OIDC, JWT to secure Bitbucket Data Center REST APIs for integration or automation

Secure REST APIs in Bitbucket Server & Data Center

Protect Bitbucket Data Center REST APIs using API Tokens instead of username & password
Create, revoke, and set expiry for API tokens based on your needs.

Works great for scripts, Postman, CI/CD pipelines, & integrations

Add security control to Bitbucket API Auth

Option to disable Basic Authentication for REST API calls.
Enforce IP restriction / allowlisting for REST API access.

Apply group-based restrictions to control which users/groups can use API access methods.

OAuth/OIDC + JWT option for modern API Auth

Authenticate Bitbucket REST APIs using OAuth 2.0 with providers (Entra ID, Okta, Keycloak, Google, and more)

Helps teams standardize API authentication for Bitbucket across external apps and internal services.

Supporting media

More details

📞schedule a demo | 📃How to set up? | Demo

This app helps you secure Bitbucket API Auth using API Tokens, OAuth 2.0/OIDC, and JWT, so your automation, scripts, and external apps can connect safely in SSO-enabled environments

Who installs this?

Teams with SSO-enabled Bitbucket (where local passwords are not used)
Security-conscious orgs trying to eliminate Basic Authentication
DevOps teams running CI/CD automation that calls Bitbucket REST APIs

Common use cases

CI/CD jobs creating PRs, updating branches, or reading repo metadata via REST APIs
Internal scripts/tools calling REST APIs without storing a user password

Features

API Tokens for users & services - Create, revoke, and set expiry
Disable Basic Authentication - Remove password-based REST API calls
OAuth 2.0/OIDC authentication/JWT - Use your IdP for token-based API authentication
Security controls - IP restriction+group-based restriction

API Token & OAuth Auth is also available for Jira & Confluence

Resources

Download
Get the .jar file downloaded to your system
App documentation
Comprehensive set of documentation from the partner on how this app works

Privacy and Security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy

Security program

This app is not part of the Marketplace Bug Bounty program.

Version information

Version 1.2.4•for Bitbucket Data Center 5.5.0 - 9.6.5

Release date: Mar 5th 2026
Summary: Compatibility Update & Security Improvements
Details: Added compatibility with Bitbucket 9+.
Updated third-party dependencies to fix security vulnerabilities.
Payment model: Paid via Atlassian