App passwords

App passwords allow two-step verification users make API calls to their Bitbucket account through apps such as SourceTree and Bamboo.

This page

Related pages

About app passwords

Some important points about app passwords:

  • You cannot view an app password or adjust permissions after you create the app password.


    Because app passwords are encrypted on our database and cannot be viewed by anyone. They are essentially designed to be disposable. If you need to change the scopes or lost the password just create a new one.

  • You cannot use them to log into your Bitbucket account.
  • You cannot use app passwords to manage team actions.

    App passwords are tied to an individual account's credentials and should not be shared. If you're sharing your app password you're essentially giving direct, authenticated, access to everything that password has been scoped to do with the Bitbucket API's.

  • You can use them for API call authentication, even if you don't have two-step verification enabled.

  • You can set permission scopes (specific access rights) for each app password.

Create an app password

To create an app password:

  1. Select Avatar > Bitbucket settings.
  2. Click App passwords in the Access management section.
  3. Click Create app password.
  4. Give the app password a name related to the application that will use the password.
  5. Select the specific access and permissions you want this application password to have.
  6. Copy the generated password and either record or paste it into the application you want to give access. The password is only displayed this one time.

That's all there is to creating an app password. See your applications documentation for how to apply the app password for a specific application.

Revoke an app password

To revoke an app password just select the password and click Revoke. Then confirm that you want to revoke the password.

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport