BitBucket Cloud Onboarding
Navigation Path
Management → Accounts & Integrations → Add New Account (top right) → Bitbucket
Overview
The Bitbucket Cloud Integration allows SailPoint Entro to continuously scan repositories for secrets, tokens, and credentials exposed across commits. SailPoint Entro connects to Bitbucket using secure read-only API access, ensuring no data is modified or deleted.
-
Check Your Username
Your username is required to authenticate when connecting Bitbucket to SailPoint Entro.
-
Log in to Atlassian Cloud and go to this link: [
https://id.atlassian.com/manage-profile/profile-and-visibility](https://id.atlassian.com/manage-profile/profile-and-visibility) -
Under Account Profile Settings, locate Email address
-
Copy your account email address - you will need it during SailPoint Entro onboarding.
-
-
Create an API Token
Create Atlassian BitBucket API Token:
-
Sign in to [
https://id.atlassian.com/manage-profile/security/api-tokens](https://id.atlassian.com/manage-profile/security/api-tokens) -
Click Create API token with scopes.
-
Give it a name (for example :
SailPoint Entro Integration) and select an expiration date. -
Click Next.
-
Choose the Bitbucket application, then click Next.
-
In the search box, type read and enable all read permissions that are not marked “Classic” (15 scopes total).
-
Confirm that Bitbucket is selected as the target application and click Create token.
-
Copy and securely store the generated token - it will be needed in SailPoint Entro.
-
-
Connect Bitbucket to SailPoint Entro
In the SailPoint Entro Console, navigate to: Management → Accounts & Integrations → Add New Account → Bitbucket
Complete the onboarding form as follows:
Field Description Environment Type Select the relevant environment (e.g., Production / Staging) Company Nickname Any descriptive name for this account Bitbucket User Email Address Paste the user email address from Step 1 Bitbucket App Password or API Token Paste the credential from Step 2 or 3 Worker Group (Connector) Select the SailPoint Entro Connector handling Bitbucket scans Then click Create Account.
SailPoint Entro will validate your credentials and start the initial repository synchronization.
-
Verify Integration
Once connected:
-
Go to Integrations → Bitbucket in the SailPoint Entro Dashboard.
-
Confirm that the integration status is Active.
-
Verify that repositories are listed and scanning is in progress.
-
Check the Last Synchronization timestamp.
Your Bitbucket Cloud integration is now active.
-
Security & Compliance
-
All SailPoint Entro actions are read-only; no changes are made to your repositories.
-
Tokens are encrypted in memory and transmitted only via TLS 1.2+.
-
Access scopes are restricted to repository metadata and commit history.
-
SailPoint Entro is certified for SOC 2 Type II, ISO 27001, and GDPR compliance.