API トークン

API tokens are user-based tokens for scripting tasks and integrating tools, for example CI/CD tools, with Bitbucket Cloud. They are the long term replacement for App passwords.

API tokens are designed to be used for a single purpose with limited permissions, so they don't require two-step verification (2SV, also known as two-factor authentication or 2FA).

API token features

API tokens have the following features:

• API 呼び出しの認証に使用できます。

• They have limited permissions (scopes), specified when the API token is created.

• They can be further scoped to a particular Bitbucket Cloud workspace.

• アプリ パスワードは再利用できず、単一の目的のために使用されます。

API token limitations

API tokens have the following limitations:

• ワークスペース アクションの管理には使用できません。

• They can't be viewed or edited after they are created. They are intended to be replaced with a new API token rather than recovered or modified.

• They can't be used to log in to your Bitbucket account at bitbucket.org

Atlassian Administration authentication policies

On Atlassian Administration, org admins have the ability to limit the creation of new API tokens for their managed users. However, this restriction does not extend to Bitbucket. Consequently, managed users are always permitted to create API tokens specifically for use with Bitbucket.