Bitbucket OAuth Credentials
Service Name: Bitbucket
Service Description: Bitbucket is a Git-based source code repository hosting service owned by Atlassian. It offers both commercial plans and free accounts with an unlimited number of private repositories.
Service Address: https://bitbucket.org/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the workspace level through IP allowlists in Bitbucket Cloud Premium.
Secret Access Scope: Grants programmatic access to Bitbucket repositories, pull requests, pipelines, and other Bitbucket resources based on the OAuth app's permissions.
Secret Revokement URL: https://bitbucket.org/account/settings/app-authorizations/
Secret Example: Client ID: 8X7tyz3MnAjtRAfpUT, Client Secret: VNVn7FgpUR3zj8yEX5XmTPfD9utCKA2P
Suspicious Activity Investigation Instructions:
- Review the OAuth application's access logs in Bitbucket.
- Check for unauthorized repository access or modifications.
- Monitor for unusual pull requests, commits, or pipeline executions.
- Review webhook configurations for any unauthorized changes.
- Check for new or modified access tokens associated with the OAuth app.
Mitigation Instructions:
- Navigate to Bitbucket app authorizations.
- Locate the compromised OAuth application in the list of authorized applications.
- Select Revoke to immediately remove the application's access to your Bitbucket account.
- Create a new OAuth application with fresh credentials if needed.
- Review repository access logs for any unauthorized activities.
- Consider enabling two-factor authentication for your Bitbucket account if not already enabled.
- Check for any unauthorized webhooks or integrations that may have been added.