Bitbucket Cloud API privacy updates | deprecation notice (12 Oct 2018)

You may have noticed that today (01 Oct 2018), we published API updates (related to privacy improvements) and migration guides for Confluence Cloud and Jira Cloud. The changes for Bitbucket Cloud will be similar (ex: use of the Atlassian user ID instead of usernames). A detailed migration guide for Bitbucket Cloud will follow later this month.

5 Likes

The Bitbucket API deprecation notice is now available.

TL;DR (but you really should read it):

  • Introducing two new fields to the object body, Atlassian account ID (account_id) and nickname.
  • Deprecating the use of usernames from user objects through the API.
  • Replacing username fields with Atlassian Account ID

Please take the time to read through the doc, and use this thread for questions.

1 Like

Do the changes affect team objects?

Please find the new migration guide here!

https://developer.atlassian.com/cloud/bitbucket/bbc-gdpr-api-migration-guide/

1 Like

It mostly focuses on User objects, but there is some changes to what team objects return about membership. Take a look at the guide for more information

There is a typo in the table for field links.html.href. It says ‘Returns the users avatar’.

image

1 Like

In SonarCloud we want to display a link that will redirect user to its Bitbucket team or account (depending if our app was installed in a team or user account).
We were relying on links.html.href fields, that is planned for deletion. Can we still use it for teams? For users, is it fine to forge the URL: https://bitbucket.org/{user_uuid}?

2 Likes

I was also wondering how to provide a link to redirect to the Bitbucket team or account as asked by @julien.henry.

I was also wondering if the username field will still be returned with the team object as the team object doesn’t seem to return the nickname field.

Thanks!

2 Likes

thanks for pointing this out @julien.henry, will update accordingly.

Yes, you can forge the URL for now, but it will stop working in March, because we’re deprecating user profile pages (because GDPR means :zipper_mouth_face:).

We’re going to replace user profiles with a content-space for Users or Teams called a Workspace, which will serve as that new reference point, but it will only show what content is contained in that space.

So that is a long winded way of saying that the ability to point people at a user profile via the API is going away.

The team object will continue to return a username value, as Teams will still have unique names even in a future GDPR compliant world.

Thanks for the answers. I hope you will give us enough time between the introduction of Workspaces and the removal of https://bitbucket.org/{user_uuid} support so that we can update our app accordingly.

Hi @jcolli2,

I’m upgrading our app to handle the GDPR changes and just want to confirm a few things/ask a few follow ups:

  • It sounds like the concept of a user profile is going away based on your response here. Will there be some equivalent link for this user in the workspace? We display user’s avatar next to a link to their bitbucket profile in our app and would like to maintain a similar experience, even just linking to user activity in a workspace would be nice.

  • In the migration guide, it mentions that the avatar link “should be considered opaque”. Can you give more context as to what this means? Again, we’d love to display their picture next to their recent changes and want to make sure this is possible.

  • Will general (non-API) links that use {username}/{repository_name} continue to work? (for instance something like “https://bitbucket.org/mnomitch/personal/src/master/”) Or will these be replaced by uuid as well?

  • Will the “repository.full_name” change to show the uuid instead of username if a user is the owner?

Also, I wanted to note that the migration guide still wrongly says that links.html.href returns the user’s avatar. Just wanted to make sure that was cleared up!

Thanks a lot!

Hi,

This blog post is a bit confusing:

Does it apply to Bitbucket Cloud Apps? Or only to JIRA/Confluence?

Do we have to add:

    "apiMigrations": {
        "gdpr": true
    }

to our app descriptor?

Thanks

1 Like

Hey! - just wanted to follow up on my user-profile question here: Bitbucket Cloud API privacy updates | deprecation notice (12 Oct 2018) - #15 by mnomitch

Does anybody have docs around the links to user profiles going away? I’ve seen docs around users having more control over what data is exposed, but I haven’t seen references to the links/page disappearing completely as @jcolli2 mentioned.

Thanks in advance!

@julien.henry - No. Its for Jira and Confluence only.

Hey @akassab,

Sorry to be a bother/spammy, but can you provide more info on this:

Is that accurate for BitBitcket? Is there some workaround/equivalent link?

Thanks!

@mnomitch - Not sure. I’ll invite a few Bitbucket people back to this chat.

1 Like