Cannot Use Current Password To Access Bitbucket Cloud API

I have an application that does rest calls to both Jira and Bitbucket. For authorization, it takes your username + password, encodes it, and uses it as part of basic authentication on the requests.

That broke on new accounts a few weeks ago, due to the username:password being deprecated, at least for Jira.

I fixed the Jira side by getting an Atlassian token and using that, so the authentication is now username:token (encoded). No problem talking to Jira.

HOWEVER, I can no longer talk to Bitbucket. Using that token results in authentication errors. Trying to set up a separate username:password authentication also fails on Bitbucket, UNLESS I use my very old password (about 4 passwords ago).

For instance, I’m trying a simple GET https://api.bitbucket.org/2.0/user call with the Chrome Advanced REST Client.

If the authentication is not right, it fails with 401 unauthorized. I’ve tried:

  • basic: username + Atlassian token ==> fail
  • basic: username + current password ==> fail
  • basic: username + really old password ==> success
  • basic: username + app password from bitbucket ==> fail
  • token: app password from bitbucket ==> fail, saying my token has expired

Anyone have ideas on how I can either
a) use the Atlassian token for authentication on both jira and bitbucket?
b) use something from bitbucket for authentication on bitbucket?

Thanks.

I think you are supposed to use email + API token, see https://confluence.atlassian.com/cloud/api-tokens-938839638.html.

Also, for bitbucket cloud, there is the concept of app passwords: https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html

1 Like

More specifically, this section:

Using an app password

An app password is a substitute password for your user account, when authenticating with Bitbucket:

  • username: your Bitbucket username
  • password: the app password

This applies to direct API access (e.g. via curl with HTTP authentication) as well as for tools that integrate with Bitbucket via the HTTP API. As mentioned above, you cannot log in to the Bitbucket web interface with an app password.

1 Like

THIS was the hint I needed. I was assuming that I could use the same username that was working in Jira (since it used to be the same username:password that worked). Nope, bitbucket username looks completely different.

Thank you very much for the help.