Skip to main content

Integrate a new Bitbucket Cloud source

GitGuardian integrates with your Bitbucket Cloud workspace using an App password. For more details on App passwords, refer to the Bitbucket Cloud documentation.

Setup

Create an API token

The API token must be generated by the Workspace Owner of the workspace(s) you intend to monitor. This grants the necessary permissions to automatically create the required webhooks.

  1. Log in to Bitbucket Cloud as the Workspace Owner;

  2. Navigate to the Profile and visibility within the Atlassian account settings;

  3. Get the email address in the Bitbucket profile settings

    Bitbucket Cloud Email

  4. On the Atlassian account page, navigate to the API tokens section within the security settings;

  5. Click on "Create API token with scopes" to start the creation of your API token. Use a simple name such as "GitGuardian". We recommend you set the expiration date to 1 year, this is the maximum allowed.

  6. On the "Select app" page, select "Bitbucket".

  7. On the "Select scopes" assign the following scopes:

    • read:project:bitbucket
    • delete:webhook:bitbucket
    • read:webhook:bitbucket
    • write:webhook:bitbucket
    • read:repository:bitbucket
    • read:user:bitbucket
    • read:workspace:bitbucket
    • read:permission:bitbucket

  8. On the final "Create token page", recheck that the scopes are correct:

    API token scopes

  9. Get the API token

    API token

Integrate your Bitbucket workspaces with GitGuardian

  1. Navigate to Settings > Integrations > Sources.

  2. Click on Install for Bitbucket Cloud.

  3. Enter the email from your Atlassian account and the API token generated earlier. Add a name for the integration, then click Configure.

    Configure Bitbucket Cloud integration

  4. On the configuration page, review the list of workspaces your Bitbucket Cloud user has access to. Click Install for each workspace you want to monitor.

    Install Bitbucket Cloud workspaces

  5. That's it! You can view the monitored projects and repositories in your Bitbucket Cloud settings page.

    See monitored repositories

Automatic historical scan

By default, GitGuardian runs a historical scan on every Bitbucket Cloud repository added to the monitored perimeter.

To disable this feature, navigate to your Bitbucket Cloud settings. Only workspace Managers can modify this setting.

Customize your monitored perimeter

After installing your Bitbucket Cloud instance(s), you can configure which projects to monitor in the Bitbucket Cloud settings.

If you deselect an entity (a repository, a project or a whole workspace) from your monitored perimeter:

  • GitGuardian will stop fetching commits from that entity, new incidents will not be uncovered and existing incidents won't be updated for this entity.
  • The webhook will remain active, allowing you to resume monitoring anytime.
Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status