Bitbucket Access Token
Service Name: Bitbucket
Service Description: Bitbucket is a Git-based source code repository hosting service owned by Atlassian. It offers both cloud-based and server-based versions for teams to collaborate on code development, manage Git repositories, and build, test, and deploy code.
Service Address: https://bitbucket.org/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the workspace level through IP allowlists in Bitbucket Cloud Premium.
Secret Access Scope: Grants programmatic access to Bitbucket repositories, projects, and APIs based on the permissions of the user who created the token. Can be used for repository operations, CI/CD integrations, and API access.
Secret Revokement URL: https://bitbucket.org/account/settings/app-passwords/
Secret Example: ATBBXGAx2ReYwFmpPNwsn3XKhcSF358A7885
Suspicious Activity Investigation Instructions:
- Review Bitbucket audit logs for unusual repository access or operations
- Check for unauthorized repository clones, pulls, or pushes
- Monitor for unexpected code changes or repository modifications
- Verify if there are any new webhooks or integrations added to repositories
- Examine access patterns for unusual times or locations
- Check for unexpected branch creations or deletions
Mitigation Instructions:
-
Log in to your Bitbucket account
-
Navigate to your account settings by clicking on your profile picture and
selecting "Personal settings"
- Select "App passwords" from the left sidebar
- Locate the compromised token in the list
- Click the trash icon next to the token to revoke it
- Create a new token with appropriate permissions if needed
- Review repository access and permissions
- Enable two-factor authentication if not already enabled
- Consider rotating all access tokens as a precaution
- Review recent activity in repositories for any unauthorized changes