Changes for page Create HTTP Access Token for git usage
Last modified by Boris Folgmann on 2026/02/03 13:06
From version 5.1
edited by Boris Folgmann
on 2026/02/03 13:06
on 2026/02/03 13:06
Change comment:
There is no comment for this version
To version 3.1
edited by Boris Folgmann
on 2026/02/03 12:11
on 2026/02/03 12:11
Change comment:
There is no comment for this version
Summary
-
Page properties (2 modified, 0 added, 0 removed)
-
Attachments (0 modified, 1 added, 0 removed)
Details
- Page properties
-
- Title
-
... ... @@ -1,1 +1,1 @@ 1 -Create HTTP Access Token for gitusage1 +Create HTTP Access Token for project or repository access - Content
-
... ... @@ -1,11 +1,18 @@ 1 -D uetosecurityreasons,you cannotuseyour passwordinsidea gitlient whenyou connect to Bitbucket.Instead,you havetouse an HTTPAccessToken.Togenerate one,logintoheDevOpsPortal andclick"HTTP Access Tokens"in theBitbuckettileofthedashboard. See screenshotbelow:1 +The DevOps Portal allows you to create technical users on Bitbucket to which you can assign roles in different projects. The disadvantage is, that one Bitubucket license will be occupied by this technical user. Therefore, as an alternative consider creating an HTTP access token. It's suitable if access permissions for a single project are sufficient. It's also very suitable if you are explicitly interested in limiting the access to a single git repository. 2 2 3 - [[image:1723636654762-377.png||height="197" width="393"]]3 +To create such an HTTP access token open the settings of the Bitbucket project or repository. In the Security section click on "HTTP access tokens". The page will look like shown in the screenshot below. 4 4 5 - The vendor documentation well describes[[How to create HTTP access tokens on Bitbucket>>url:https://confluence.atlassian.com/bitbucketserver089/http-access-tokens-1236435579.html]], but does not specify which Project and Repository permissions should be chosen forgit clients.5 +[[image:1770120158545-447.png]] 6 6 7 -Normal git clients will not interact with the proprietary APIs of Bitbucket, e.g. for handling pull-requests. Instead, git clients just use the standardized git protocol for actions like git clone, pull, and push. The recommended settings for an HTTP access token following the least-privilege principle are: 8 8 9 - //Projectread//and//Repositorywrite//.Seethefollowing screenshot:8 +Now click on "Create token" and create the token with the required permissions. 10 10 11 -[[image:1718784695894-646.png||data-xwiki-image-style-border="true" height="586" width="526"]] 10 +To use the token for communicating with Bitbucket for automation tasks make sure to authenticate like this: 11 + 12 +* Username: "x-token-auth" (static text) 13 +* Password: value of the access token 14 + 15 +[[DevOps Portal 2.1.9>>Blog.DevOps Portal 2\.1\.9]] and later uses the same approach to allow Jenkins to retrieve the source codes from Bitbucket projects. 16 + 17 + 18 +
- 1770120158545-447.png
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +xwiki:XWiki.borisfolgmannt-systemscom - Size
-
... ... @@ -1,0 +1,1 @@ 1 +91.7 KB - Content