Authenticating as an app (and not as the user that installed the app)


When I use the JWT to authenticate my application and post comments on a pull request, I am authenticated at the user that installed my app. On the other hand, I would like to be authenticated as an App. Authenticating as the installed user to post code review comment is weird and not the best user experience.

GitHub has this concept with their GitHub app when the application can be seen as a “third-party”. Is this something similar available for bitbucket app? Reading the documentation, it does not look like it but I do see applications posting code review comments under a company name. I guess there is a way to proceed then.


1 Like

Up here - anybody from the Atlassian staff that could help?

I am developing an app that does code review and therefore, this is one critical/important aspect of the application. How can I then post code review under my app name and not the user that installed the App?


We recommend you to use the currently supported App Model.

Thanks a lot for this feature request, we are tracking the interest in this feature using this ticket [BCLOUD-11739] Request for technical ('bot') users to support integrations using the Bitbucket REST API - Create and track feature requests for Atlassian products. . We will post updates to this ticket from time to time; none currently unfortunately!

Can you also give us some more insights into the use-cases? How do you expect the app install flow to behave?

Thanks for your reply! What do you mean bu the “currently supported App Model”?

Is it documented somewhere?