Access Tokens

Access Tokens are repository-based access tokens for scripting tasks and integrating tools (such as CI/CD tools) with Bitbucket Cloud. Access Tokens are designed to be used for a single application with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA).

Access Tokens are tied to a repository (rather than a user) and should not be shared. By sharing an Access Token, you're giving direct, authenticated access to everything that Token has permissions to do with the Bitbucket APIs (limited to the repository it was created for).

Access Token features

Access Tokens have the following features:

  • They can be used to authenticate API calls.

  • They provide access that is limited to the repository they were created for.

  • They have limited permissions (scopes), specified when the Access Token is created.

  • They are intended to be single-purpose, rather than reusable.

  • They are encrypted on our database and can't be viewed by anyone.

Access Token limitations

Access Tokens have the following limitations:

  • They can’t access anything outside the repository they were created for.

  • They can't be used to manage workspace actions.

  • They can't be viewed or edited after they are created. They are intended to be replaced with a new Access Token rather than recovered or modified.

  • They don't expire and an expiry date can't be set, they will stop working when they are revoked.

  • They can't be used to log in to Bitbucket at http://bitbucket.org.

Type of Access Token

There is one type of Access Token available for Bitbucket Cloud.

  • Repository Access Tokens — Provides access to a single repository with the permissions specified at the time of creation. Repository Access Tokens can be used for tasks such as managing a single repository or allowing a CI/CD tool to access the source code of a single repository in the workspace. For information on Repository Access Tokens, including creation and usage, see Repository Access Tokens.

Additional Help