Team Members API returns different result than User Permissions API

I’m seeing some inconsistent behavior with the Bitbucket REST API. I’m hesitant to say this is a bug, but something certainly isn’t adding up.

I’m using User A’s Bitbucket access token, and calling the teams/{username}/members API to list the members of a Bitbucket Team.{username}/members

This works as expected, returning a paginated list of team members along with their role and user UUIDs. The response is returning User B’s UUID, stating that User B is a member of the Bitbucket Team.

I then want to double-check / confirm User B is a member of the Bitbucket Team. I use User B’s Bitbucket access token and call the /user/permissions/teams endpoint. This returns all of the teams the user has permissions to.

However, for that second API call I am getting a 200 response with an empty array of memberships. In other words, to User B at least, it appears that they are not a member of any Bitbucket Teams. However, according to User A when looking up the members of a given Team, User B is an actual member.

These API calls work fine for a SaaS product I work on. However, for a particular Bitbucket Team and user I’m getting this different behavior.

Could it be some subtle aspect of the particular user’s role in the Team or something? What other steps can I take to troubleshoot/investigate this issue?

Hello from Bitbucket! So I noticed that you’re using the teams endpoint – you should be using the workspaces API and the corresponding user/permissions/workspaces endpoint. I suspect this might be the root cause, but lemme check with some teammates to see.

@chrisatpulumi could you create a Support Ticket so that you can provide more info? just skip the “Workspace URL” part