Bitbucket Cloud API privacy updates | deprecation notice (12 Oct 2018)

It mostly focuses on User objects, but there is some changes to what team objects return about membership. Take a look at the guide for more information

There is a typo in the table for field links.html.href. It says ‘Returns the users avatar’.


1 Like

In SonarCloud we want to display a link that will redirect user to its Bitbucket team or account (depending if our app was installed in a team or user account).
We were relying on links.html.href fields, that is planned for deletion. Can we still use it for teams? For users, is it fine to forge the URL:{user_uuid}?


I was also wondering how to provide a link to redirect to the Bitbucket team or account as asked by @julien.henry.

I was also wondering if the username field will still be returned with the team object as the team object doesn’t seem to return the nickname field.



thanks for pointing this out @julien.henry, will update accordingly.

Yes, you can forge the URL for now, but it will stop working in March, because we’re deprecating user profile pages (because GDPR means :zipper_mouth_face:).

We’re going to replace user profiles with a content-space for Users or Teams called a Workspace, which will serve as that new reference point, but it will only show what content is contained in that space.

So that is a long winded way of saying that the ability to point people at a user profile via the API is going away.

The team object will continue to return a username value, as Teams will still have unique names even in a future GDPR compliant world.

Thanks for the answers. I hope you will give us enough time between the introduction of Workspaces and the removal of{user_uuid} support so that we can update our app accordingly.

Hi @jcolli2,

I’m upgrading our app to handle the GDPR changes and just want to confirm a few things/ask a few follow ups:

  • It sounds like the concept of a user profile is going away based on your response here. Will there be some equivalent link for this user in the workspace? We display user’s avatar next to a link to their bitbucket profile in our app and would like to maintain a similar experience, even just linking to user activity in a workspace would be nice.

  • In the migration guide, it mentions that the avatar link “should be considered opaque”. Can you give more context as to what this means? Again, we’d love to display their picture next to their recent changes and want to make sure this is possible.

  • Will general (non-API) links that use {username}/{repository_name} continue to work? (for instance something like “”) Or will these be replaced by uuid as well?

  • Will the “repository.full_name” change to show the uuid instead of username if a user is the owner?

Also, I wanted to note that the migration guide still wrongly says that links.html.href returns the user’s avatar. Just wanted to make sure that was cleared up!

Thanks a lot!


This blog post is a bit confusing:

Does it apply to Bitbucket Cloud Apps? Or only to JIRA/Confluence?

Do we have to add:

    "apiMigrations": {
        "gdpr": true

to our app descriptor?


1 Like

Hey! - just wanted to follow up on my user-profile question here: Bitbucket Cloud API privacy updates | deprecation notice (12 Oct 2018)

Does anybody have docs around the links to user profiles going away? I’ve seen docs around users having more control over what data is exposed, but I haven’t seen references to the links/page disappearing completely as @jcolli2 mentioned.

Thanks in advance!

@julien.henry - No. Its for Jira and Confluence only.

Hey @akassab,

Sorry to be a bother/spammy, but can you provide more info on this:

Is that accurate for BitBitcket? Is there some workaround/equivalent link?


@mnomitch - Not sure. I’ll invite a few Bitbucket people back to this chat.

1 Like

Just out of curiosity: what is going to happen with the slug?

For instance, I have username rbolte so my public repositories are accessible through Is this going to change? And if not, how are we supposed to access the slug? Is that going to be the nickname?

@remie, I am fairly positive that the first part of the slug will change to be the user’s uuid (assuming a user owns the repo). If you enter a uri-encoded uuid as the username now, you will get properly directed to the repo.

1 Like

Just out of curiosity: will it no longer be possible to see your fellow team members in BitBucket?{username}/members

Other tools (read: GitHub) still have this feature in a post-GDPR world. If we are using nicknames / non-identifiable handlers, it should still be possible right?

1 Like

Actually, it should always be possible if the user consents to it. Given that users get to choose their username/nickname/handle, one could argue that there is no limitation in GDPR that prevents Atlassian from using this (even if it ultimately identifies people) based on the fact that they consent to this.

It would only require Atlassian to A) update their privacy policy and B) provide an easy way to change usernames/nicknames/handles in order for users that object to an identifiable username/nickname/handle.

Many of these GDPR changes seem… not related to GDPR :thinking:

@mnomitch, did you find out anything about this? This is a key question. :wink:

Indeed - how can we otherwise create pull-requests via the API?
we have a tool that allows our developers to create pull requests. These now require an account_id when specifying reviewers. So we need a way to convert from a reviewer’s name to their account id.