Create an access token for a repository
How to create a new Repository Access Token
Access tokens for a repository are per-repository passwords for scripting tasks and integrating tools (such as CI/CD tools) with Bitbucket Cloud. Access tokens for a repository are designed for use with a single application with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA). Access tokens for a repository are tied to a repository, not a user’s account. This restricts the token’s access to a single repository, providing a more secure solution than user-based authentication methods such as App passwords.
Access tokens for a repository have the following features:
They can be used to authenticate API calls.
They have limited permissions (scopes) specified when the access token is created.
They are intended to be single-purpose rather than reusable.
They are encrypted on our database and can't be viewed by anyone.
They can have an expiry date.
Access tokens for a repository have the following limitations:
They can't be viewed or edited after they are created. They are intended to be replaced with a new access token rather than recovered or modified.
They can't be used to log in to your Bitbucket account at bitbucket.org.
They will stop working when they are revoked.
They can't be used to manage or interact with workspaces, projects, or any other repository.
Create an access token for a repository
How to create a new Repository Access Token
Repository-level access token permissions
Descriptions of the scopes or permissions available for access tokens created and used in a repository
Using access tokens for a repository
How to use access tokens for a repository
Revoke an access token for a repository
How do I deactivate or revoke an access token for a repository
Was this helpful?