Managing personal access tokens
Administering Bitbucket Server
- Users and groups
- External user directories
- Global permissions
- Setting up your mail server
- Integrating Bitbucket Server with Atlassian applications
- Connecting Bitbucket Server to an external database
- Migrating Bitbucket Server to another server
- Getting started with Bitbucket Server and AWS
- Specifying the base URL for Bitbucket Server
- Configuring the application navigator
- Managing apps
- Auditing in Bitbucket
- Updating your Bitbucket Server license details
- Bitbucket Server config properties
- Moving Bitbucket Server to a different context path
- Data recovery and backups
- Disabling HTTP(S) access to Git repositories in Bitbucket Server
- Smart Mirroring
- Data Center Migration
- Git Large File Storage
- Git Virtual File System (GVFS)
- Enabling SSH access to Git repositories in Bitbucket Server
- Using diff transcoding in Bitbucket Server
- Changing the port that Bitbucket Server listens on
- Lockout recovery process
- Proxying and securing Bitbucket Server
- High availability for Bitbucket Server
- Diagnostics for third-party apps
- Enabling JMX counters for performance monitoring
- Bitbucket Server debug logging
- Scaling Bitbucket Server
- Add shortcut links to a Bitbucket Server repository
- Administer code search
- Adding additional storage for your repository data
- Add a system-wide announcement banner
- Configuring Project links across Applications
- Improving instance stability with rate limiting
- Use a CDN with Atlassian Data Center applications
- Managing personal access tokens
- Connecting to a 3rd party application using Application Links
- Setting a system-wide default branch name
- Automatically decline inactive pull requests
- Encrypt database password
- Xcode for Bitbucket Server
On this page
- No related content found
Still need help?
The Atlassian Community is here for you.
Users can create personal access tokens and use them in place of passwords for Git over HTTPS, or to authenticate when using the Bitbucket Server REST API. As an administrator, you can edit and revoke tokens, and set global token settings.
Editing and revoking tokens
As an administrator, you can’t create tokens for users. However, once a user has created a token, you can edit or revoke it.
To edit or revoke a token:
Go to > Users.
Search for the user and click on them.
Open the Personal access tokens tab.
Click Edit or Revoke.
Clicking Edit will allow you to change a token’s name or its permissions. If it has an expiry date, however, you will not be able to modify it. Once a token’s expiry date has been set, it can’t be changed.
Require token expiry
By default, when a user is creating a personal access token, they can choose whether they want it to expire. As a system administrator, for added security you can make setting a token expiry a requirement.
To require token expiry:
Go to > Personal access tokens.
Choose Yes for Expiry required.
Enter the Max days until expiry.
- No related content found