Project Access Tokens

Project Access Tokens are a premium feature. To learn about the Bitbucket Cloud Premium plan, visit: Bitbucket Cloud Premium.

Project Access Tokens are per-project passwords for scripting tasks and integrating tools (such as CI/CD tools) with Bitbucket Cloud. Project Access Tokens are designed for use with a single application with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA). Project Access Tokens are tied to a Bitbucket project, not a user's account, restricting the token's access to a single project and any repositories in that project. This provides a more secure solution than user-based authentication methods such as App passwords.

Project Access Token features

Project Access Tokens have the following features:

They can be used to authenticate API calls.
They have limited permissions (scopes) specified when the access token is created.
They're intended to be single-purpose rather than reusable.
They're encrypted on our database and can't be viewed by anyone.

Project Access Token limitations

Project Access Tokens have the following limitations:

They can't be viewed or edited after they are created. They are intended to be replaced with a new access token rather than recovered or modified.
They can't be used to log in to your Bitbucket account at bitbucket.org.
They don't expire and have no expiry date. They will stop working when they are revoked.
They can't be used to manage or interact with workspaces or other projects.

Was this helpful?

It wasn't accurate

It wasn't clear

It wasn't relevant

Still need help?

The Atlassian Community is here for you.

Ask the Community