API Token Authentication for Bitbucket
As we continue to move towards a cloud future together, new server app sales and installs are no longer available for customers. You can update app version via Atlassian Marketplace until the end of support for server on Feb 15, 2024. Learn more
Increase security for Bitbucket REST API data connections from external services with API Tokens instead of username & passwords

Improve your SSO environment with API tokens
In SAML SSO environments, users often have no local passwords anymore. This makes connecting external scripts, services and apps difficult. With API tokens (Personal Access Token) users can now access 3rd party apps.
Decrease Risk: Keep your Data Secure and Managed
You can disable API authentication by username & Bitbucket password in favour of API tokens, making your access more controlled & secure create & revoke API Bitbucket tokens & restrict REST requests by IP-address.
Connect Bitbucket: Scripts, Services & Cloud Acct
New: Token Manager, Permission Model, Scoping & Audit Logging
Works for Bitbucket Server API & Bitbucket Data Center API & all Bitbucket user in SSO installations
Free PoC & configuration support - schedule a session
More details
API Token Authentication for Bitbucket provides more features than the built-in Personal Access Token plugin. It gives admins more control over who can use tokens, create tokens for personal use or create tokens on behalf of other users.
Features:
- Create Tokens per user & services
- Revoke API Tokens anytime
- Token Manager to filter/ create tokens for all users
- Permissions for who (defined by group membership) may create tokens & what scope (read or read & write)
- Restrict REST API requests by IP address & range
- Disallow built-in basic authentication w/ username & password for REST API connections
- Works in all SSO environments
- Compatible with our user mgmt apps: SAML Single Sign-On, User Directory Sync, User Deactivator
We provide:
- Business-class support & proven scalability for small & large enterprises
- Trusted by healthcare, government & finance firms
Try as well the Jira and Confluence versions
Privacy and security
Privacy policy
Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.
Partner privacy policySecurity
Resources
Gallery
As a user, you can simply create an REST API Token & give it a recognizable name that describes the purpose of this Token.