BitBucket App Password

Description

General

• Documentation: https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/
• Summary: Bitbucket provides hosting for source code and software development that use Mercurial or Git as Version Control Systems.

App passwords are user-based access tokens designed to be used for a single purpose with limited permissions. The permissions can include access to account data, repositories, etc.

• IPs allowlist: There is no IP allowlisting possible.
• Scopes: The permissions associated with the App Password can be configured, see docs.

Revoke the secret

An App Password can be revoked from the bitbucket settings, see docs.

Check for suspicious activity

Not available for now.

Details for Bitbucket app password url

• Family: Api

• Category: Version control platform

• Company: Bitbucket

• High recall: False

• Validity check available: True

• On-premise instances exist: False

• Only valid secrets raise an alert: False

• Minimum number of matches: 2

• Occurrences found for one million commits: 0.84

• Prefixed: False

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - atbb
- type: ContentWhitelistPreValidator
  patterns:
    - bitbucket

Examples

- text: |
    https://user_name-ok:ATBB5hSDa5zDng3U13qeLPFbxFaGl0GOhWet@bitbucket.org
  username: user_name-ok
  password: ATBB5hSDa5zDng3U13qeLPFbxFaGl0GOhWet