Community Announcements have moved! To stay up to date, please join the new Community Announcements group today. Learn more

×
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Attempting to update deployment variables through API with a token fails.

Brian_Daniels
Brian_Daniels
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 15, 2025

We are trying to update some tooling we have to set repo and deployment variables through the api to use API tokens instead of app passwords in light of their deprecation.

This works fine for repo variables, but when we try to set a deployment variable through the /deployments_config/environments/(env_uuid)/variables/ API call it returns a 403 error of 'This API is not accessible by this authentication mechanism'.

Calling the same endpoint with an app password works and updates the variable.  The token has a scope of read:pipeline:bitbucket and admin:pipeline:bitbucket.

How can we update these when authenticating using an API token?

Answer
Watch
Like Be the first to like this
132 views

2 answers

1 accepted

0 votes
Answer accepted
Ben
Ben
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 17, 2025

Hi @Brian_Daniels 

The correct minimum scope to update a variable (edit/delete/create) is admin:pipeline:bitbucket as I've just tested it on my end and I was able to successfully query the API.

You may be using the wrong format for the cURL command, you'll need to use basic auth with your email as the username (same email you use to login to Bitbucket) and the API token as the password, for example:

curl --request POST \
--url https://api.bitbucket.org/2.0/repositories/{workspaceID}/{reposlug}/deployments_config/environments/{uuid}/variables \
--user {youremailaddress}:{yourAPIToken} \
}'

You can find more info on using API tokens at the link below:

Hope this helps.

Cheers!

- Ben (Bitbucket Cloud Support)

View More Comments
Brian_Daniels
Brian_Daniels
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 20, 2025

Thank you, I traced the problem to the tooling using the v1 api url in some places, which returns the error.  Replacing it with the v2 url corrected the issue.

Like
Reply
0 votes
Aron Gombas _Midori_
Aron Gombas _Midori_
Community Champion
August 16, 2025

@Brian_Daniels I found an article in which the author works with the same end-point like you, and it seems he is also using the pipeline:variable scope. Maybe you need this, or there is a similar scope for environments, it might worth a research...

https://medium.com/@matiasquin/devops-wizardry-turning-bitbucket-variable-chaos-into-automation-bliss-18f392f89a70

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security