Access tokens
Access tokens are linked to a repository, project, or workspace. They can be used for scripting tasks and integrating tools (such as CI/CD tools) with Bitbucket Cloud. Access tokens are designed to be used for a single application with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA).
Access tokens are tied to a repository, project, or workspace (rather than a user) and should not be shared. By sharing an access token, you're giving direct, authenticated access to everything that token has permissions to do with the Bitbucket APIs (limited to the repository, project, or workspace it was created for).
Access token features
Access tokens have the following features:
They can be used to authenticate API calls.
They provide access that is limited to the repository, project, or workspace they were created for.
They have limited permissions (scopes) specified when the access token is created.
They are intended to be single-purpose, rather than reusable.
They are encrypted on our database and can't be viewed by anyone.
They can have an expiry date.
Access token limitations
Access tokens have the following limitations:
They can’t access anything outside the repository, project, or workspace they were created for.
They can't be used to manage workspace actions.
They can't be viewed or edited after they are created. They are intended to be replaced with a new access token rather than recovered or modified.
They will stop working when they are revoked.
They can't be used to log in to Bitbucket at http://bitbucket.org.
Workspace, project, and repository access tokens
Access tokens can be created and used within a workspace, project, or repository in Bitbucket Cloud.
Premium plan customers
Workspace and project access tokens are only available to customers with a Premium Bitbucket Cloud account. For information on our Premium plan or upgrading your account, check out our plans and pricing page.
Access tokens for repositories — Provides access to a single repository with the permissions specified at the time of creation. An access token for a repository can be used for tasks such as managing a single repository or allowing a CI/CD tool to access the source code of a single repository in the workspace. For more information, including creation and usage, see Access tokens for a repository.
Access tokens for a project (Premium feature) — Provides access to a single project and the repositories in it. The access permissions (or scopes) are specified at the time of creation. Access tokens for a project can be used for tasks such as managing or accessing the repositories in a single project. For more information, including creation and usage, see Access tokens for a project.
Access tokens for a workspace (Premium feature) — Provides access to a single workspace and the repositories and projects in it. The access permissions (or scopes) are specified at the time of creation. Access tokens for a workspace can be used for tasks such as managing or accessing the repositories in a single workspace or managing the workspace. For information, including creation and usage, see Access tokens for a workspace.
Was this helpful?