Managing personal access tokens

Administering Bitbucket Server

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

Users can create personal access tokens and use them in place of passwords for Git over HTTPS, or to authenticate when using the Bitbucket Server REST API. As an administrator, you can edit and revoke tokens, and set global token settings.


Editing and revoking tokens

As an administrator, you can’t create tokens for users. However, once a user has created a token, you can edit or revoke it.

To edit or revoke a token:

  1. Go to  > Users.

  2. Search for the user and click on them.

  3. Open the Personal access tokens tab.

  4. Click Edit or Revoke.

Clicking Edit will allow you to change a token’s name or its permissions. If it has an expiry date, however, you will not be able to modify it. Once a token’s expiry date has been set, it can’t be changed.

Require token expiry

By default, when a user is creating a personal access token, they can choose whether they want it to expire. As a system administrator, for added security you can make setting a token expiry a requirement.

To require token expiry:

  1. Go to  > Personal access tokens.

  2. Choose Yes for Expiry required.

  3. Enter the Max days until expiry.

  4. Click Save.

Last modified on Aug 5, 2020

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.