Cannot Use Current Password To Access Bitbucket Cloud API

I have an application that does rest calls to both Jira and Bitbucket. For authorization, it takes your username + password, encodes it, and uses it as part of basic authentication on the requests.

That broke on new accounts a few weeks ago, due to the username:password being deprecated, at least for Jira.

I fixed the Jira side by getting an Atlassian token and using that, so the authentication is now username:token (encoded). No problem talking to Jira.

HOWEVER, I can no longer talk to Bitbucket. Using that token results in authentication errors. Trying to set up a separate username:password authentication also fails on Bitbucket, UNLESS I use my very old password (about 4 passwords ago).

For instance, I’m trying a simple GET call with the Chrome Advanced REST Client.

If the authentication is not right, it fails with 401 unauthorized. I’ve tried:

  • basic: username + Atlassian token ==> fail
  • basic: username + current password ==> fail
  • basic: username + really old password ==> success
  • basic: username + app password from bitbucket ==> fail
  • token: app password from bitbucket ==> fail, saying my token has expired

Anyone have ideas on how I can either
a) use the Atlassian token for authentication on both jira and bitbucket?
b) use something from bitbucket for authentication on bitbucket?


1 Like

I think you are supposed to use email + API token, see

Also, for bitbucket cloud, there is the concept of app passwords:

1 Like

More specifically, this section:

Using an app password

An app password is a substitute password for your user account, when authenticating with Bitbucket:

  • username: your Bitbucket username
  • password: the app password

This applies to direct API access (e.g. via curl with HTTP authentication) as well as for tools that integrate with Bitbucket via the HTTP API. As mentioned above, you cannot log in to the Bitbucket web interface with an app password.


THIS was the hint I needed. I was assuming that I could use the same username that was working in Jira (since it used to be the same username:password that worked). Nope, bitbucket username looks completely different.

Thank you very much for the help.

This greatly helped as well - Bitbucket username is not necessarily an email address, especially if you are logging in using Google/etc.

Username can be found/set on

1 Like