Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-34262

Support for OAuth credentials

    XMLWordPrintable

Details

    Description

      Right now Bitbucket Source plugin requires putting personal password to be able to monitor branches. This is a security risk to expose such information. The proper way would be to create an OAuth consumer on Bitbucket side, set proper access permissions and use OAuth key+secret to authenticate to Bitbucket.

      Attachments

        Activity

          hemp Chris Hemp added a comment -

          Having the same issue.  With SAML/SSO configured, App Passwords do not work.  

          Using bitbucket-branch-source-plugin version 2.2.14

          hemp Chris Hemp added a comment - Having the same issue.  With SAML/SSO configured, App Passwords do not work.   Using bitbucket-branch-source-plugin version 2.2.14
          weynhamz Weynham Zheng added a comment -

          Same here, after enabled two factors auth, tried app passwords, won't work either.

          weynhamz Weynham Zheng added a comment - Same here, after enabled two factors auth, tried app passwords, won't work either.
          steve_cobe Steven Clark added a comment -

          Hey guys, at least mentioning that OAuth doesn't work would be a great help for other developers. I've spent a good couple of hours trying different options and permissions for my Bitbucket OAuth key. Our company uses two factor authentication for normal BB users and it's only after trying an account that didn't have 2 factor auth turned on that I've finally got this plugin working.

          steve_cobe Steven Clark added a comment - Hey guys, at least mentioning that OAuth doesn't work would be a great help for other developers. I've spent a good couple of hours trying different options and permissions for my Bitbucket OAuth key. Our company uses two factor authentication for normal BB users and it's only after trying an account that didn't have 2 factor auth turned on that I've finally got this plugin working.

           This issue renders the plugin useless. Is there any ETA for this to be implemented

          hoegertn Thorsten Hoeger added a comment -  This issue renders the plugin useless. Is there any ETA for this to be implemented
          davidham David Ham added a comment -

          At the least, could you update the landing page for this plugin to reflect the fact that it doesn't support OAuth? I worked on this for a long time before finding this ticket. As far as the Jenkins credentials page is concerned, OAuth credentials are the same as other username/password. Putting this in the README would help a lot. Thanks.

          davidham David Ham added a comment - At the least, could you update the landing page for this plugin to reflect the fact that it doesn't support OAuth? I worked on this for a long time before finding this ticket. As far as the Jenkins credentials page is concerned, OAuth credentials are the same as other username/password. Putting this in the README would help a lot. Thanks.

          People

            amuniz Antonio Muñiz
            maximkulkin Maxim Kulkin
            Votes:
            17 Vote for this issue
            Watchers:
            23 Start watching this issue

            Dates

              Created:
              Updated: