パーソナル アクセス トークン

Personal access tokens can be used in place of passwords for Git over HTTPS, or to authenticate when using the Bitbucket Server REST API.

Creating personal access tokens

To create a personal access token:

  1. Go to Profile picture > Manage account > Personal access tokens.
  2. Click Create a token. 
  3. Set the token name, permissions, and expiry.

権限

Permissions restrict what a token can do. As tokens are like passwords, your token’s permissions will be set at your current level of access by default. We recommend, however, restricting your token’s permissions to only the level it will need.

Here are the permission combinations you can assign to a token:

Repo permissions are inherited from the project permissions

A token’s repository permission must be as high as its project permission.

If you give a token project write permission, you cannot give it only repository read permissions (it must be write-level or higher).


プロジェクトの読み取りプロジェクトの書き込みプロジェクト管理者
リポジトリの読み取り(tick) リポジトリのプルおよびクローン(error) Combination not possible(error) Combination not possible
リポジトリの書き込み

(tick) プル リクエスト アクションの実行

(tick) リポジトリのプッシュ、プル、およびクローン

(tick) プル リクエスト アクションの実行

(tick) リポジトリのプッシュ、プル、およびクローン

(error) Combination not possibl
リポジトリ管理者(tick) プル リクエスト アクションの実行

(tick) リポジトリの設定および権限の更新

(tick) リポジトリのプッシュ、プル、およびクローン

(tick) プル リクエスト アクションの実行

(tick) リポジトリの設定および権限の更新

(tick) リポジトリのプッシュ、プル、およびクローン

(tick) プル リクエスト アクションの実行

(tick) リポジトリの設定および権限の更新

(tick) プロジェクトの設定および権限の更新

(tick) リポジトリのプッシュ、プル、クローン、およびフォーク

(tick) リポジトリを作成する

You can modify a token’s permissions, or revoke a token, by going to Profile picture > Manage account > Personal access tokens.

期限

For added security, when you’re creating a token you can also set it to automatically expire. This is optional, but if your administrator has made this a requirement you’ll need to choose an expiry date that’s within the limits they’ve set.

Once a token has been created, its expiry date cannot be changed. You can see the expiry dates for all your tokens by going to Profile picture > Manage account > Personal access tokens.

パーソナル アクセス トークンを使用する

Map one token per integration

Personal access tokens are a secure way to use scripts and to integrate external applications with Bitbucket Server. We recommend only mapping one token per integration. This way, if the system is compromised, you can simply revoke the token and not affect other integrations.

For Git operations, you can use your personal access token as a substitute for your password. For example, to clone using a personal access token you can enter:

> git clone https://bitbucketserver.com/scm/projectname/teamsinspace.git
Cloning into 'teamsinspace'...
Username for 'https://bitbucketserver.com':username
Password for 'https://username@bitbucketserver.com':MDM0MjM5NDc2MDxxxxxxxxxxxxxxxxxxxxx

Or using Basic Auth:

git clone https://username:MDM0MjM5NDc2MDxxxxxxxxxxxxxxxxxxxxx@bitbucketserver.com/scm/projectname/teamsinspace.git

In addition, for REST operations you can use Basic Auth:

curl -u username:MDM0MjM5NDc2MDxxxxxxxxxxxxxxxxxxxxx https://bitbucketserver.com/rest/api/latest/resource/path

Or you can use Bearer Auth without your username:

curl -H 'Authorization: Bearer MDM0MjM5NDc2MDxxxxxxxxxxxxxxxxxxxxx' https://bitbucketserver.com/rest/api/latest/resource/path
最終更新日 2020 年 7 月 9 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.