Use deployment keys

You can use deployment keys with your Bitbucket Cloud repositories. A deployment key grants read-only access to a public or private repository. With a deployment key a user or a process can pull or clone a repository over SSH. Deployment keys have the following features and limitations:

  • Deployment keys do not apply to your plan limit. 
  • You can add the same deployment key to multiple repositories.
  • The deployment key must be unique — it cannot also be associated with an account.

Deployment keys are useful for authenticating a build server to checkout and test your code.   

Before you begin

Make sure you have already generated your deployment key. For detailed information on the SSH protocol and generating keys, see Use the SSH protocol with Bitbucket Cloud.

How to add a deployment key

If you are using the deployment key for building code, make sure your build server has the key installed. For example, if you are using Bamboo to build your code, make sure each agent has the key installed. To add a deployment key to Bitbucket, do the following:

  1. Log into a repository under an account with administrative rights.
  2. Go to the repository's settings .
  3. Click Deployment keys from the left hand menu.
  4. Press Add Key.
    The system displays the Add SSH Key dialog.
  5. Enter a label and the key.
  6. Press Add key.
    Bitbucket notifies you via email that a key was added to your account.

If you are using your key for a build system, it is a good idea to confirm the key is working correctly from the build server (or Bamboo agent). For example, you could manually clone a repository on the server using the SSH protocol and the key.   If you have trouble using your key, see Troubleshoot SSH Issues.

Edit a deployment key

After you add a key, you can edit the key's Label but not the key itself. If you need to change the key's contents, you must delete and re-add the key.  This is a security measure. In the event your account security was hacked without your knowledge, the hacker could not replace or damage your existing keys.

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport