Authenticate with BitBucket sign-in
Learn how to configure BitBucket as a single sign-in authentication method for , including the required permissions, OAuth Consumer setup, and the necessary configuration file settings. The process involves setting up callback URLs and permissions in BitBucket, obtaining client credentials, and adding specific authentication parameters to the configuration file, with optional HTTP proxy support for token endpoints.
To use BitBucket as a single sign-on method with you first need to create an OAuth consumer in BitBucket. Then you must configure with the metadata created as part of that OAuth consumer.
Create a BitBucket OAuth Consumer
First, you have to set up BitBucket. Once you do, go to Account Settings and create an OAuth Consumer.
Set the Callback URL to
%PUBLIC_URL%/auth/bitbucket. Then
grant the account:email permission
and .
Once that's done, find the Key (Client Id), and Secret (Client Secret) in the list of consumers. You'll need that to configure 's configuration file. You can read more about integrating an application on BitBucket on their Setup Instructions.
Configure to authenticate with BitBucket
Now that your consumer is created, you can configure to use authentication with BitBucket. This is configured through configuration variables in the configuration. To learn more about setting configuration, see Configuration Settings.
Edit the configuration file to include the following lines:
AUTHENTICATION_METHOD=oauth
PUBLIC_URL=$YOUR_SERVERS_BASE_URL
BITBUCKET_OAUTH_CLIENT_ID=$CLIENT_ID # The Key from your BitBucket OAuth Consumer
BITBUCKET_OAUTH_CLIENT_SECRET=$CLIENT_SECRET # The Secret your BitBucket OAuth Consumer
AUTO_CREATE_USER_ON_SUCCESSFUL_LOGIN=true # default is false
To have calls to the token endpoint for BitBucket use the cluster's HTTP
proxy settings, add the BITBUCKET_OAUTH_USE_HTTP_PROXY
configuration and set the value to true.