Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

desperately searching where I can configure http access tokens.

EppIctUnit
EppIctUnit November 24, 2021

Hello, following the tutorial here, I can't find what I need:

https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html

  1. Go to Profile picture > Manage account > HTTP access tokens.
  2. Select Create token. 

Here is what I have:

Capture.PNG

Nothing also in personal settings:

Capture2.PNG

Did it move somewhere else ?

In my atlassian settings, nothing here also.

I want to create an access token to clone, trough https, one of my repo's.

Thanks !

Answer
Watch
Like Be the first to like this
586 views

1 answer

1 accepted

0 votes
Answer accepted
seanaty
seanaty
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 24, 2021

The link you reference is for Bitbucket Server but the screenshot you shared is from Bitbucket Cloud.

To clone through HTTPS Bitbucket Cloud recommends what's called an "app password" (because it can also be used to make requests to the Bitbucket API).

You can see the link to "App passwords" in your screenshot. Create one there.

View More Comments
EppIctUnit
EppIctUnit November 24, 2021

Thank you !

I created an app password, gave read acces on repos etc.

But when I try to:

git clone https://x-token-auth:3B9ByAAAAAAAAAAAAAA8Y7@bitbucket.org/XXXXXXXXX/XXX_PROJECT.git
Cloning into 'XXX_PROJECT.git'...
fatal: Authentication failed for 'https://x-token-auth:3B9ByAAAAAAAAAAAAAA8Y7@bitbucket.org/XXXXXXXXX/XXX_PROJECT.git'

Like
seanaty
seanaty
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 24, 2021

You don't want to use x-token-auth with app passwords. Replace that with your username. Also, if that's your real app password you should delete it and create a new one.

 

https://support.atlassian.com/bitbucket-cloud/docs/clone-a-repository/

Like
EppIctUnit
EppIctUnit November 24, 2021

ok, thanks again for your help, Indeed, that way it works.

The idea was to allow to clone trough https with composer without sharing a login :-/

We want to pull code from our many repos with composer

The problem is that this composer is shared between developers etc. so it's not clean to use user / token even if it's read only.

It look like also that's not possible to restrict to some repos, it gives access to all the repos.

note: we cannot use SSH.

 

I though that the only solution was this one:

 

 

X-token-auth seems to be attached to repos and not to accounts.

https://stackoverflow.com/questions/24965307/how-to-manipulate-bitbucket-repository-with-token/43114159#43114159


We recently introduced OAuth 2 and also added the ability to use them as HTTP Basic Auth credentials.

Cloning a repository with an access token
Since add-ons will not be able to upload their own SSH keys to clone with, access tokens can be used as Basic HTTP Auth credentials to clone securely over HTTPS.

git clone https://x-token-auth:{access_token}@bitbucket.org/user/repo.git


The literal string x-token-auth as a substitute for username is required.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.