Changes for page Create HTTP Access Token for git usage
Last modified by Boris Folgmann on 2026/02/03 13:06
From version 1.2
edited by Boris Folgmann
on 2026/02/03 11:57
on 2026/02/03 11:57
Change comment:
There is no comment for this version
To version 3.1
edited by Boris Folgmann
on 2026/02/03 12:11
on 2026/02/03 12:11
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
-
Attachments (0 modified, 1 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -1,14 +1,18 @@ 1 -The DevOps Portal allows you to create technical users on Bitbucket to which you can assign roles in different projects. The disadvantage is, that one Bitubucket lic 1 +The DevOps Portal allows you to create technical users on Bitbucket to which you can assign roles in different projects. The disadvantage is, that one Bitubucket license will be occupied by this technical user. Therefore, as an alternative consider creating an HTTP access token. It's suitable if access permissions for a single project are sufficient. It's also very suitable if you are explicitly interested in limiting the access to a single git repository. 2 2 3 +To create such an HTTP access token open the settings of the Bitbucket project or repository. In the Security section click on "HTTP access tokens". The page will look like shown in the screenshot below. 3 3 4 - Due to security reasons, you cannot use your password inside agit client when you connect to Bitbucket.Instead, you have to use an HTTP Access Token. To generate one, log in to the DevOps Portal and click "HTTP Access Tokens" in the Bitbucket tile of the dashboard. See screenshot below:5 +[[image:1770120158545-447.png]] 5 5 6 -[[image:1723636654762-377.png||height="197" width="393"]] 7 7 8 - The vendor documentationwelldescribes[[Howto createHTTP accesstokensonBitbucket>>url:https://confluence.atlassian.com/bitbucketserver089/http-access-tokens-1236435579.html]],butdoesnot specify which Project andRepository permissionsshould be chosen for git clients.8 +Now click on "Create token" and create the token with the required permissions. 9 9 10 - Normalgitclientswill notinteract withthe proprietary APIs ofBitbucket,e.g.forhandling pull-requests. Instead, gitclientsjustusethestandardizedgitprotocolforactions like git clone, pull, and push. Therecommended settings for an HTTP accesstokenfollowing theleast-privilege principle are:10 +To use the token for communicating with Bitbucket for automation tasks make sure to authenticate like this: 11 11 12 -//Project read// and //Repository write//. See the following screenshot: 12 +* Username: "x-token-auth" (static text) 13 +* Password: value of the access token 13 13 14 -[[image:1718784695894-646.png||height="586" width="526"]] 15 +[[DevOps Portal 2.1.9>>Blog.DevOps Portal 2\.1\.9]] and later uses the same approach to allow Jenkins to retrieve the source codes from Bitbucket projects. 16 + 17 + 18 +
- 1770120158545-447.png
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +xwiki:XWiki.borisfolgmannt-systemscom - Size
-
... ... @@ -1,0 +1,1 @@ 1 +91.7 KB - Content