App passwords allow two-step verification users make API calls to their Bitbucket account through apps such as SourceTree and Bamboo.
About app passwords
Some important points about app passwords:
You cannot view an app password or adjust permissions after you create the app password.Why?
Because app passwords are encrypted on our database and cannot be viewed by anyone. They are essentially designed to be disposable. If you need to change the scopes or lost the password just create a new one.
- You cannot use them to log into your Bitbucket account.
You cannot use app passwords to manage team actions.
You can use them for API call authentication, even if you don't have two-step verification enabled.
- You can set permission scopes (specific access rights) for each app password.
Create an app password
To create an app password:
- Select Avatar > Bitbucket settings.
- Click App passwords in the Access management section.
- Click Create app password.
- Give the app password a name related to the application that will use the password.
- Select the specific access and permissions you want this application password to have.
- Copy the generated password and either record or paste it into the application you want to give access. The password is only displayed this one time.
That's all there is to creating an app password. See your applications documentation for how to apply the app password for a specific application.
Revoke an app password
To revoke an app password just select the password and click Revoke. Then confirm that you want to revoke the password.
Was this helpful?
Thanks for your feedback!