Managing HTTP access tokens
Administer Bitbucket Data Center and Server
- Users and groups
- Advanced repository management
- External user directories
- Global permissions
- Setting up your mail server
- Integrate with Atlassian applications
- Connect Bitbucket to an external database
- Migrating Bitbucket Server to another server
- Migrate Bitbucket Server from Windows to Linux
- Run Bitbucket in AWS
- Specify the Bitbucket base URL
- Configuring the application navigator
- Managing apps
- View and configure the audit log
- Update your license key
- Configuration properties
- Change Bitbucket's context path
- Data recovery and backups
- Disable HTTP(S) access to Git repositories
- Smart Mirroring
- Bitbucket Mesh
- Export and import projects and repositories
- Git Large File Storage
- Git Virtual File System (GVFS)
- Enable SSH access to Git repositories
- Use diff transcoding
- Change the port Bitbucket listens on
- Lockout recovery process
- Proxy and secure Bitbucket
- High availability for Bitbucket
- Diagnostics for third-party apps
- Enabling JMX counters for performance monitoring
- Bitbucket guardrails
- Enable debug logging
- Scaling Bitbucket Server
- Add a shortcut link to a repository
- Administer code search
- Adding additional storage for your repository data
- Add a system-wide announcement banner
- Configuring Project links across Applications
- Improving instance stability with rate limiting
- Use a CDN with Atlassian Data Center applications
- Managing HTTP access tokens
- Link to other applications
- Setting a system-wide default branch name
- Automatically decline inactive pull requests
- Encrypt database password
- Data pipeline
On this page
Related content
- HTTP access tokens
- How to bypass Verify Committer Hook in Bitbucket Data Center
- How to bypass Verify Committer Hook in Bitbucket Data Center
- An error "You are not permitted to access this resource" appears in Bitbucket Data Center while creating a fork repository into a different project via the API
- How-to use OAuth2 tokens for administrative endpoints of Bitbucket Data Center
- An error "You are not permitted to access this resource" appears in Bitbucket Data Center while creating a fork repository into a different project via the API
- OAuth 2.0 scopes for incoming links
- How to renew personal access tokens via REST API's in Bitbucket Server
- OAuth 2.0 provider system properties
- How to allow public access to a repository via the REST API in Bitbucket Server
Project and repository administrators can create HTTP access tokens for their projects and repositories. Users can create personal HTTP access tokens and use them in place of passwords for Git over HTTPS, or to authenticate when using the Bitbucket Data Center and Server REST API. As an administrator, you can edit and revoke tokens, and set global token settings.
Editing and revoking tokens
As an administrator, you can’t create tokens for users. However, once a user has created a token, you can edit or revoke it.
To edit or revoke a personal HTTP token:
Go to
> Users.Search for the user and click on them.
Open the HTTP access tokens tab.
Select Edit or Revoke.
To edit or revoke a project or repository's HTTP token:
- From either the Project or Repository settings, select HTTP access tokens.
- Select Edit or Revoke.
Selecting Edit will allow you to change a token’s name or its permissions. If it has an expiry date, however, you will not be able to modify it. Once a token’s expiry date has been set, it can’t be changed.
Require token expiry
By default, when a user is creating a personal access token, they can choose whether they want it to expire. As a system administrator, for added security you can make setting a token expiry a requirement.
To require token expiry:
Go to
> HTTP access tokens (under System).Select Yes for Expiry required.
Enter the Max days until expiry.
Select Save.
Related content
- HTTP access tokens
- How to bypass Verify Committer Hook in Bitbucket Data Center
- How to bypass Verify Committer Hook in Bitbucket Data Center
- An error "You are not permitted to access this resource" appears in Bitbucket Data Center while creating a fork repository into a different project via the API
- How-to use OAuth2 tokens for administrative endpoints of Bitbucket Data Center
- An error "You are not permitted to access this resource" appears in Bitbucket Data Center while creating a fork repository into a different project via the API
- OAuth 2.0 scopes for incoming links
- How to renew personal access tokens via REST API's in Bitbucket Server
- OAuth 2.0 provider system properties
- How to allow public access to a repository via the REST API in Bitbucket Server