Project Access Tokens

Project Access Tokens are a premium feature. To learn about the Bitbucket Cloud Premium plan, visit: Bitbucket Cloud Premium.

Project Access Tokens are per-project passwords for scripting tasks and integrating tools (such as CI/CD tools) with Bitbucket Cloud. Project Access Tokens are designed for use with a single application with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA). Project Access Tokens are tied to a Bitbucket project, not a user's account, restricting the token's access to a single project and any repositories in that project. This provides a more secure solution than user-based authentication methods such as App passwords.

Project Access Token features

Project Access Tokens have the following features:

  • They can be used to authenticate API calls.

  • They have limited permissions (scopes) specified when the access token is created.

  • They're intended to be single-purpose rather than reusable.

  • They're encrypted on our database and can't be viewed by anyone.

Project Access Token limitations

Project Access Tokens have the following limitations:

  • They can't be viewed or edited after they are created. They are intended to be replaced with a new access token rather than recovered or modified.

  • They can't be used to log in to your Bitbucket account at

  • They don't expire and have no expiry date. They will stop working when they are revoked.

  • They can't be used to manage or interact with workspaces or other projects.

Still need help?

The Atlassian Community is here for you.