Windows Integrated Authentication support for Bitbucket Server

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

"Host does not support WIA" error encountered while configuring Windows integrated authentication for Bitbucket server

Environment

  • Git for windows 2.29 with built in GCM core (Git Credential Manager core)

  • Bitbucket server 6.10.5 running on Windows. Applicable for multiple versions of Bitbucket

Diagnosis

Windows integrated authentication for Active Directory users from Git GCM Core (2.29) to remote Bitbucket server fails to authenticate with trace message "Host does not support WIA" and switches to Basic authentication in Windows credential manager.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 C:\Users\Administrator>git clone http://<user>@<bitbucket_repository_url> Cloning into 'repo'... 10:01:46.214995 ...\Application.cs:69 trace: [RunInternalAsync] Git Credential Manager version 2.0.252-beta+fe025c12fc (Windows, .NET Framework 4.0.30319.42000) 'get' 10:01:46.218995 ...\Command.cs:63 trace: [ExecuteAsync] Start 'get' command... 10:01:46.228001 ...\Command.cs:74 trace: [ExecuteAsync] Detecting host provider for input: 10:01:46.229000 ...\Command.cs:75 trace: [ExecuteAsync] protocol=http 10:01:46.229000 ...\Command.cs:75 trace: [ExecuteAsync] host=<bitbucket host> 10:01:46.229000 ...\Command.cs:75 trace: [ExecuteAsync] username=<user> 10:01:46.264995 ...oviderRegistry.cs:84 trace: [GetProvider] Host provider override was set id='generic' 10:01:46.265994 ...\Command.cs:77 trace: [ExecuteAsync] Host provider 'Generic' was selected. 10:01:46.270995 ...\HostProvider.cs:115 trace: [GetCredentialAsync] Looking for existing credential in store with service=<BITBUCKET_BASE_URL> account=<user>... 10:01:46.275999 ...\HostProvider.cs:120 trace: [GetCredentialAsync] No existing credentials found. 10:01:46.275999 ...\HostProvider.cs:123 trace: [GetCredentialAsync] Creating new credential... 10:01:46.341992 ...icHostProvider.cs:60 trace: [GenerateCredentialAsync] Checking host '<BITBUCKET_BASE_URL>/' for Windows Integrated Authentication... 10:01:46.361994 ...Authentication.cs:36 trace: [GetIsSupportedAsync] HTTP: HEAD <BITBUCKET_BASE_URL>/ 10:01:46.365996 ...pClientFactory.cs:53 trace: [CreateClient] Creating new HTTP client instance... 10:01:46.836964 ...Authentication.cs:39 trace: [GetIsSupportedAsync] HTTP: Response code ignored. 10:01:46.838963 ...Authentication.cs:41 trace: [GetIsSupportedAsync] Inspecting WWW-Authenticate headers... 10:01:46.844964 ...icHostProvider.cs:65 trace: [GenerateCredentialAsync] Host does not support WIA. 10:01:46.844964 ...icHostProvider.cs:86 trace: [GenerateCredentialAsync] Prompting for basic credentials...

Cause

Windows integrated authentication(WIA) is not currently supported with Bitbucket server.

Solution

Workaround

The current workaround is to install third-party plugins that offer WIA support. Kerberos for Bitbucket lists available plugins on Marketplace.

Updated on April 24, 2025
Platform
Data Center only
Product
Bitbucket Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community