How can I create branch-restriction for a group via the 2.0 API?

I am using the instructions at to create a branch-restriction on a repository, limiting permissions to a group. I am using PowerShell. I have tried using cURL and Invoke-RestMethod and neither work when I try to pass in a group. I get a “malformed groups” error. I can create a branch-restriction without a group. I’ve tried a number of formats for the groups value, but none of them work. I’ve tried a string with the group name, a string with the full_slug, a string with the slug, an array with each of name, full_slug, and slug, a hash table with the full group data, an array with the hash table with the full group data, etc. Could someone help by providing the format I need to use? I would prefer to use Invoke-RestMethod in PowerShell. Following is an example of what I’ve tried:

$username = "username"
$password = "password"
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $username,$password)))
$bitbucketRestUri = ""
$group = @{"name"="Release Administrators";"links"="";"account_privilege"="collaborator";"full_slug"="project:release-administrators";"owner"="";"type"="group";"slug"="release-administrators"} | ConvertTo-Json
$groups = @($group)
$body = @{"kind"="restrict_merges";"pattern"="develop";"groups"=$groups}
Invoke-RestMethod -Headers @{Authorization=("Basic {0}" -f $base64AuthInfo)} -body $body -Method POST -Uri $bitbucketRestUri

Wendy, were you ever able to come up with working code to create branch restrictions via PowerShell?

Best Regards,


No I was not. If you have any ideas, I’d love to hear them.

I will likely be tasked with writing something along these lines soon to prevent developers from accidentally committing to the “release” branch for a given sprint after QA has signed off on that release. I’ll post whatever I come up with if I get something working.

I was finally able to accomplish this by using the GET method on an existing branch restriction that was restricted to the specific group I needed. I then copied the value returned for the group into the value for groups. I also needed to switch to sending in a json string for the body and use -ContentType ‘application/json’ in the Invoke-RestMethod.