Stash is now known as Bitbucket Server.
See the

Unknown macro: {spacejump}

of this page, or visit the Bitbucket Server documentation home page.

Branch permissions allow you to control who can commit to specific branches in a repository. Branch permissions provide another level of security within Stash (along with user authentication and project, repository and global permissions) that provides a way to control, or enforce, your own workflow or process.

Branch permissions:

  • are based on users or groups.
  • prevent unauthorised users pushing to or deleting the branch.
  • are based on explicit branch names, or you can use advanced branch permissions to match multiple branches (or tags) using pattern matching.

If a user does not have commit access to the branch, an error message will be shown on the Git command line when they try to push a change to the branch. 

Note that if no branch permissions are defined then anyone with commit access can push to any branch. Also, if there are conflicting permissions, the most permissive one applies; for example if one permission restricts a particular users access but another permission allows it, then the user will be allowed commit access.

Setting branch permissions

Branch permissions in Stash are set on a per-repository basis. Makes sense – branch permissions control access to repository branches, right?

You'll need either project admin, admin or sys-admin permissions to set branch permissions.

So, to set branch permissions:

  1. Go to a repository in a project.
  2. Choose Settings > Branch (under 'Permissions').
  3. Click Add permission.
  4. On the Branch tab, choose the branch for which you want to control access.
  5. Add (or remove) users or groups that you want to have (or not have) commit access to the branch.
  6. Click Create to finish.

You can always change the permissions for a branch later, if necessary.


Advanced branch permissions

Advanced branch permissions specify a pattern that is matched against branches and tags being pushed to Stash; this allows you to restrict any pushes to branches that match the pattern.

Advanced branch permission also apply to attempts to create new branches; if a push to Stash attempts to create a new branch that matches a pattern, the user must be authorised for the operation to proceed.


To set advanced branch permissions, choose Settings > Branch, and click Add permission, as described above.

On the Advanced tab, enter a glob pattern to match the names of multiple branches for which you want to control access.

  • No labels