Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38031

Read/Write access to all repositories

    XMLWordPrintable

Details

    Description

      When using bitbucket OAuth just for authentication (we use deployment keys for jenkins repo access) it requires read/write access to all of my repositories.

      This makes me really uncomfortable as we have offshore developers that have access to the jenkins server CLI and could harvest my OAuth token to get access to all of my personal repositories and other company repositories that they should not have access to.

      Right now I login, then go back into Bitbucket and remove the authorization.

      Perhaps changing the default scope to "account"[1] (similar to JENKINS-23324 for github)?

      1. https://developer.atlassian.com/static/bitbucket/concepts/bitbucket-rest-scopes.html

      Attachments

        Issue Links

          Activity

            There are no comments yet on this issue.

            People

              Unassigned Unassigned
              joshperry Josh Perry
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: