BitBucket App Password
Description
General
- Documentation: https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/
- Summary: Bitbucket provides hosting for source code and software development that use Mercurial or Git as Version Control Systems.
App passwords are user-based access tokens designed to be used for a single purpose with limited permissions. The permissions can include access to account data, repositories, etc.
- IPs allowlist: There is no IP allowlisting possible.
- Scopes: The permissions associated with the App Password can be configured, see docs.
Revoke the secret
An App Password can be revoked from the bitbucket settings, see docs.
Check for suspicious activity
Not available for now.
Details for BitBucket App Password Basic Auth
-
Family: credentials
-
Category: version_control_platform
-
Company: Bitbucket
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.84
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- atbb
- type: ContentWhitelistPreValidator
patterns:
- bitbucket
Examples
- text: |
https://user_name-ok:ATBB5hSDa5zDng3U13qeLPFbxFaGl0GOhWet@bitbucket.org
username: user_name-ok
password: ATBB5hSDa5zDng3U13qeLPFbxFaGl0GOhWet
Details for BitBucket App Password
-
Family: credentials
-
Category: version_control_platform
-
Company: Bitbucket
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.125
-
Prefixed: False
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- atbb
Examples
- text: |
bitbucket_user: nnfkezniofez
bitbucket_password: ATBB5hSDa5zDng3U13qeLPFbxFaGl0GOhWet@bitbucket.org
username: nnfkezniofez
password: ATBB5hSDa5zDng3U13qeLPFbxFaGl0GOhWet
Secret Analyzer
Analysis Method
- Provider allows scopes enumeration: False
- Total network call count: 50
- Total call count may vary: True
HTTP Calls
Requests are designed to capture metadata and not to function effectively.
- GET: /2.0/repositories?role=member
- GET: /2.0/user/permissions/repositories
- GET: /2.0/user/permissions/workspaces
- HEAD: /2.0/repositories
Other Calls
Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package). No other calls for this analyzer.
