Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Does pipe Bitbucket trigger pipeline work with account which have 2 factor authentication?

t1279k
t1279k
Contributor
May 2, 2021

I am trying to use Bitbucket trigger pipeline . I have setup 2 factor authentication for my Bitbucket account. We need to provide username and password for the pipe to work. Looking at the source of the pipe if is using basic authentication.

Basic HTTP Authentication as per RFC-2617 (Digest not supported). Note that Basic Auth with username and password as credentials is only available on accounts that have 2-factor-auth / 2-step-verification disabled. If you use 2fa, you should authenticate using OAuth2 instead.

Ref: https://developer.atlassian.com/bitbucket/api/2/reference/meta/authentication

Will this pipe work for account which have 2 factor authentication. If not can this pipe be enhanced?

Answer
Watch
Like Be the first to like this
521 views

1 answer

0 votes
Halyna Berezovska
Halyna Berezovska
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 5, 2021 edited

@t1279k thanks for the question,

Our pipe is based on bitbucket api.

Bitbucket api have several methods to authenticate.

For now, you can setup app password and give it least granular permissions that are needed to execute (running pipeline permission, access to repositories for example etc.).

This is explained in the last section in the doc you mentioned.

 

The second way is to setup OAuth consumer which is also explained there. But this way is not supported right now in our pipe, BUT supported via Bitbucket Api. We will think about this update and discuss, it seems handy , useful and important change.

If you have setup 2factor for account, app password that we use still should work. E.g., it works for my account.I quote the sentence in doc mentioned:

Some important points about app passwords: 

  • You cannot use them to log into your Bitbucket account.

  • You can use them for API call authentication, even if you don't have two-step verification enabled.

 

Please, give us the feedback if it does not.

 

 I guess, that basic auth there is mentioned in the way you cannot use your password to authenticate, but instead you still can create app passwords that are different from your password

However, we will also discuss the change to support Oauth consumers, it is nice suggestion, thanks.

 

Regards, Galyna

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.