Skip to content

Bitbucket Access Token

Service Name: Bitbucket

Service Description: Bitbucket is a Git-based source code repository hosting service owned by Atlassian. It offers both cloud-based and server-based versions for teams to collaborate on code development, manage Git repositories, and build, test, and deploy code.

Service Address: https://bitbucket.org/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the workspace level through IP allowlists in Bitbucket Cloud Premium.

Secret Access Scope: Grants programmatic access to Bitbucket repositories, projects, and APIs based on the permissions of the user who created the token. Can be used for repository operations, CI/CD integrations, and API access.

Secret Revokement URL: https://bitbucket.org/account/settings/app-passwords/

Secret Example: ATBBXGAx2ReYwFmpPNwsn3XKhcSF358A7885

Suspicious Activity Investigation Instructions:

  • Review Bitbucket audit logs for unusual repository access or operations
  • Check for unauthorized repository clones, pulls, or pushes
  • Monitor for unexpected code changes or repository modifications
  • Verify if there are any new webhooks or integrations added to repositories
  • Examine access patterns for unusual times or locations
  • Check for unexpected branch creations or deletions

Mitigation Instructions:

  • Log in to your Bitbucket account

  • Navigate to your account settings by clicking on your profile picture and

selecting "Personal settings"

  • Select "App passwords" from the left sidebar
  • Locate the compromised token in the list
  • Click the trash icon next to the token to revoke it
  • Create a new token with appropriate permissions if needed
  • Review repository access and permissions
  • Enable two-factor authentication if not already enabled
  • Consider rotating all access tokens as a precaution
  • Review recent activity in repositories for any unauthorized changes