Skip to main content

Bitbucket Access Token

Description

General

  • Documentation: https://bitbucket.org/
  • Summary: Bitbucket is a Git-based source code repository hosting service. It is a part of the Atlassian products.
  • IPs allowlist: This feature is not available.
  • Scopes: It is possible to configure specific scopes when creating the access tokens.

Revoke the secret

Secrets can be revoked through the admin interface: https://bitbucket.org/[workspace_name]/[repository_name]/admin/access-tokens

Check for suspicious activity

No usage information is available in the dashboard.

Details for Bitbucket access token

  • Family: token

  • Category: version_control_platform

  • Company: Atlassian

  • High recall: False

  • Validity check available: True

  • Analyzer available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.18

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator
patterns:
- at[a-z]tt3x
- type: ContentWhitelistPreValidator
patterns:
- bitbucket

Examples

- text: bitbucket_access_token=ATCTT3xFfGN0Zj82epTRI8UyjhsKXIfAfDSFdJiMVwktsTAIsg-fcKyAlkK3cFiHo9hJRB5Nc0sZhg8BYSY0HQjHQgDp75wWSvr-puB6nWvjDledLKYDKOvbFJ01-iMkZu6J_KF7eKU88t67YALjS30xtfdM-Su4-KMShZa6ADqYTAXPRAiuLfg=F41864D1
apikey: ATCTT3xFfGN0Zj82epTRI8UyjhsKXIfAfDSFdJiMVwktsTAIsg-fcKyAlkK3cFiHo9hJRB5Nc0sZhg8BYSY0HQjHQgDp75wWSvr-puB6nWvjDledLKYDKOvbFJ01-iMkZu6J_KF7eKU88t67YALjS30xtfdM-Su4-KMShZa6ADqYTAXPRAiuLfg=F41864D1

Secret Analyzer

Analysis Method

  • Provider allows scopes enumeration: False
  • Total network call count: 2
  • Total call count may vary: True

HTTP Calls

Requests are designed to capture metadata and not to function effectively.

  • GET: /2.0/repositories?role=member
  • HEAD: /2.0/repositories

Other Calls

No other calls for this analyzer.