Managing personal access tokens
Administer Bitbucket Data Center and Server
- Users and groups
- Advanced repository management
- External user directories
- Global permissions
- Setting up your mail server
- Integrate with Atlassian applications
- Connect Bitbucket to an external database
- Migrating Bitbucket Server to another server
- Run Bitbucket in AWS
- Specify the Bitbucket base URL
- Configuring the application navigator
- Managing apps
- View and configure the audit log
- Update your license key
- Configuration properties
- Change Bitbucket's context path
- Data recovery and backups
- Disable HTTP(S) access to Git repositories
- Smart Mirroring
- Export and import projects and repositories
- Git Large File Storage
- Git Virtual File System (GVFS)
- Enable SSH access to Git repositories
- Use diff transcoding
- Change the port Bitbucket listens on
- Lockout recovery process
- Proxy and secure Bitbucket
- High availability for Bitbucket
- Diagnostics for third-party apps
- Enabling JMX counters for performance monitoring
- Enable debug logging
- Scaling Bitbucket Server
- Add a shortcut link to a repository
- Administer code search
- Adding additional storage for your repository data
- Add a system-wide announcement banner
- Configuring Project links across Applications
- Improving instance stability with rate limiting
- Use a CDN with Atlassian Data Center applications
- Managing personal access tokens
- Connecting to a 3rd party application using Application Links
- Setting a system-wide default branch name
- Automatically decline inactive pull requests
- Encrypt database password
- Data pipeline
On this page
Related content
- Confluence Security Advisory - 2019-04-17
- Confluence Security Advisory 2022-06-02
- Confluence Security Advisory - 2019-12-18
- Confluence Security Advisory - 2019-03-20
- Confluence Security Advisory - 2019-08-28
- Confluence Security Advisory - 2015-01-21
- Confluence Security Advisory - 2017-04-19
- Confluence Security Advisory - 2016-09-21
- Confluence Security Advisory 2013-08-05
- Questions For Confluence Security Advisory 2022-07-20
Users can create personal access tokens and use them in place of passwords for Git over HTTPS, or to authenticate when using the Bitbucket Data Center and Server REST API . As an administrator, you can edit and revoke tokens, and set global token settings.
Editing and revoking tokens
As an administrator, you can’t create tokens for users. However, once a user has created a token, you can edit or revoke it.
To edit or revoke a token:
Go to
> Users.Search for the user and click on them.
Open the Personal access tokens tab.
Click Edit or Revoke.
Clicking Edit will allow you to change a token’s name or its permissions. If it has an expiry date, however, you will not be able to modify it. Once a token’s expiry date has been set, it can’t be changed.
Require token expiry
By default, when a user is creating a personal access token, they can choose whether they want it to expire. As a system administrator, for added security you can make setting a token expiry a requirement.
To require token expiry:
Go to
> Personal access tokens.Choose Yes for Expiry required.
Enter the Max days until expiry.
Click Save.
Related content
- Confluence Security Advisory - 2019-04-17
- Confluence Security Advisory 2022-06-02
- Confluence Security Advisory - 2019-12-18
- Confluence Security Advisory - 2019-03-20
- Confluence Security Advisory - 2019-08-28
- Confluence Security Advisory - 2015-01-21
- Confluence Security Advisory - 2017-04-19
- Confluence Security Advisory - 2016-09-21
- Confluence Security Advisory 2013-08-05
- Questions For Confluence Security Advisory 2022-07-20