Skip to main content
Bitbucket integration in Dokploy uses direct authentication with App Passwords or Repository Access Tokens (API tokens) to access your Bitbucket repositories.

Features

  • App Password authentication for simple setup
  • Repository Access Token (API token) support for enhanced security
  • Workspace-level repository access
  • Repository and branch browsing
  • Support for both personal and workspace repositories
  • No OAuth flow required

Prerequisites

  • A Bitbucket account (Bitbucket Cloud)
  • Access to the repositories you want to deploy
  • Workspace membership for team repositories

Authentication Methods

Bitbucket supports two authentication methods:

Setup with App Passwords

1

Navigate to App Passwords

  1. Log in to Bitbucket
  2. Click your profile avatar → Personal settings
  3. Under “Access management”, click App passwords
  4. Click Create app password
2

Configure App Password

Fill in the app password details:Label: Choose a descriptive name (e.g., “Dokploy Production”)Permissions: Select the following scopes:
  • Repositories → Read
  • Repositories → Write
You can grant additional scopes, but these are the minimum required.
3

Create and Copy Password

  1. Click Create
  2. Copy the generated app password immediately
The app password is shown only once. Store it securely.
4

Note Your Username

You’ll need your Bitbucket username for configuration:
  • Found in your profile URL: https://bitbucket.org/{username}/
  • Or in Personal settings → Account settings

Setup with Repository Access Tokens

1

Navigate to Workspace Settings

  1. Go to your Bitbucket workspace
  2. Click Settings (workspace settings, not repository)
  3. Under “Access tokens”, click Repository access tokens
  4. Click Create Repository Access Token
2

Configure Token

Fill in the token details:Token name: Descriptive name (e.g., “Dokploy Deploy”)Scopes: Select:
  • Repositories → Read
  • Repositories → Write
Repositories: Choose which repositories to grant access to
  • All repositories in workspace
  • Specific repositories
3

Create and Copy Token

  1. Click Create
  2. Copy the generated token
Repository Access Tokens are shown only once.
4

Note Required Information

You’ll need:
  • API Token: The token you just copied
  • Atlassian Email: Your Atlassian account email
  • Workspace Name: The workspace slug (from URL)

Configuring in Dokploy

With App Password

1

Navigate to Git Providers

In Dokploy dashboard:
  1. Go to SettingsGit Providers
  2. Click Add Git Provider
  3. Select Bitbucket
2

Enter App Password Configuration

Fill in the Bitbucket details:Provider Name: A friendly name (e.g., “Bitbucket Personal”)Bitbucket Username: Your Bitbucket usernameApp Password: The app password you generatedWorkspace Name (optional): Leave empty to use username, or specify workspace slug
Workspace name is the slug in your workspace URL: bitbucket.org/{workspace-slug}
3

Test Connection

Click Test Connection to verify:
  • Credentials are correct
  • API access is working
  • Repositories are accessible
The test displays the number of accessible repositories.
4

Save Provider

Click Save to store the configuration.

With Repository Access Token

1

Navigate to Git Providers

In Dokploy dashboard:
  1. Go to SettingsGit Providers
  2. Click Add Git Provider
  3. Select Bitbucket
2

Enter API Token Configuration

Fill in the Bitbucket details:Provider Name: A friendly name (e.g., “Bitbucket Team”)Atlassian Email: Your Atlassian account email addressAPI Token: The repository access tokenWorkspace Name: The workspace slug
For API tokens, Atlassian email is required for API authentication.
3

Test and Save

  1. Click Test Connection
  2. Verify repository count
  3. Click Save

Using Bitbucket in Applications

Deploying from Bitbucket

1

Create or Edit Application

When creating/editing an application:
  1. Set Source Type to “Git”
  2. Select your Bitbucket provider
2

Select Repository

Choose from accessible repositories:
  • Repositories appear as repository names
  • Both personal and workspace repos are shown
  • Only repos with granted access are available
3

Configure Deployment

Owner: Workspace slug or usernameRepository Slug: Automatically filled from selectionBranch: Select the branch to deployAuto Deploy (optional): Configure automatic deployments

Repository Structure

Bitbucket repositories include: 
{
  name: "my-app",
  url: "https://bitbucket.org/workspace/my-app",
  slug: "my-app",  // Used for git operations
  owner: {
    username: "workspace"  // Workspace slug
  }
}

Authentication Details

App Password Authentication

For Git Operations: 
https://{username}:{app_password}@bitbucket.org/{owner}/{repo}.git
For API Calls: 
Authorization: Basic base64({username}:{app_password})

API Token Authentication

For Git Operations: 
https://x-bitbucket-api-token-auth:{api_token}@bitbucket.org/{owner}/{repo}.git
For API Calls: 
Authorization: Basic base64({atlassian_email}:{api_token})
Bitbucket requires the Atlassian email for API authentication with tokens, but uses a special format for git operations.

API Integration

Repository Listing

Fetches repositories with pagination: 
GET https://api.bitbucket.org/2.0/repositories/{workspace}?pagelen=100
Authorization: Basic {credentials}
Pagination:
  • 100 repositories per page (maximum)
  • Uses next field for pagination
  • Automatically fetches all pages
Response: 
{
  "values": [
    {
      "name": "my-app",
      "slug": "my-app",
      "links": {
        "html": {
          "href": "https://bitbucket.org/workspace/my-app"
        }
      },
      "workspace": {
        "slug": "workspace"
      }
    }
  ],
  "next": "https://api.bitbucket.org/2.0/repositories/workspace?page=2"
}

Branch Listing

Fetches branches for a repository: 
GET https://api.bitbucket.org/2.0/repositories/{owner}/{repo}/refs/branches?pagelen=100
Authorization: Basic {credentials}
Response: 
{
  "values": [
    {
      "name": "main",
      "target": {
        "hash": "abc123..."
      }
    }
  ]
}

Repository Cloning

Clone command format: 
# With App Password
git clone --branch {branch} --depth 1 \
  https://{username}:{app_password}@bitbucket.org/{owner}/{repo}.git \
  {outputPath}

# With API Token
git clone --branch {branch} --depth 1 \
  https://x-bitbucket-api-token-auth:{api_token}@bitbucket.org/{owner}/{repo}.git \
  {outputPath}

Workspace vs Personal Repositories

Personal Repositories

Use your username as workspace: 
Workspace Name: your-username
Repositories: your-username/repo1, your-username/repo2

Workspace Repositories

Use workspace slug: 
Workspace Name: team-workspace
Repositories: team-workspace/repo1, team-workspace/repo2

Mixed Access

With App Passwords, you can access:
  • Your personal repositories
  • All workspace repositories where you’re a member
Leave Workspace Name empty to use your username, or specify a workspace to filter repositories.

Troubleshooting

Symptoms: “Invalid credentials” or “Unauthorized” errorsFor App Passwords:
  1. Check Username: Must be exact Bitbucket username
  2. Verify App Password: Ensure copied correctly (no extra spaces)
  3. Review Scopes: Ensure Read and Write repository scopes are enabled
  4. Test Manually: 
    curl -u username:app_password \
  https://api.bitbucket.org/2.0/user
For API Tokens:
  1. Check Email: Must be exact Atlassian account email
  2. Verify Token: Ensure token is not expired or revoked
  3. Review Scopes: Check token has required permissions
  4. Test Manually: 
    curl -u email:api_token \
  https://api.bitbucket.org/2.0/user
Symptoms: Test connection succeeds but no repositories shownSolutions:
  1. Check Workspace: Verify workspace name is correct slug
  2. Review Membership: Ensure you’re a member of the workspace
  3. Create Test Repo: Create a repository to verify access
  4. Test API Call: 
    curl -u credentials \
  "https://api.bitbucket.org/2.0/repositories/{workspace}"
  5. Check Token Scope: For API tokens, verify repo access is granted
Symptoms: “Repository configuration failed” during deploymentSolutions:
  1. Verify Repository Slug: Must match exactly (case-sensitive)
  2. Check Owner: Should be workspace slug, not display name
  3. Test Git Access: 
    # App Password
git ls-remote https://username:password@bitbucket.org/owner/repo.git

# API Token
git ls-remote https://x-bitbucket-api-token-auth:token@bitbucket.org/owner/repo.git
  4. Review Permissions: Ensure read access to repository
Symptoms: “Rate limit exceeded” errorsSolutions:
  1. Check Usage: Bitbucket limits vary by plan
  2. Throttle Deployments: Space out deployments
  3. Review Limits:
    • Free: 1000 requests/hour
    • Paid: Higher limits based on plan
  4. Use Separate Tokens: Different apps for different purposes
Symptoms: Wrong repositories shown or access deniedSolutions:
  1. Find Workspace Slug: Check URL when viewing workspace: 
    https://bitbucket.org/{workspace-slug}/
  2. Not Display Name: Use slug, not the display name
  3. Leave Empty: For personal repos, leave workspace name empty
  4. Test Both: Try with and without workspace name

Security Best Practices

1. Credential Management

Protect your Bitbucket credentials:
  • Never Commit: Don’t commit app passwords or tokens to repositories
  • Rotate Regularly: Regenerate credentials periodically
  • Use Separate Credentials: Different tokens for dev/staging/prod
  • Revoke Unused: Delete old or unused app passwords and tokens

2. Scope Limitation

Grant minimum necessary permissions:
  • Read Only When Possible: If no push required, use read-only scopes
  • Repository-Specific: Use Repository Access Tokens for specific repos
  • Avoid Admin: Don’t grant admin scopes unless absolutely needed

3. App Password vs API Token

Use App Passwords for:
  • Personal projects
  • Individual developers
  • Multi-workspace access
Use API Tokens for:
  • Team deployments
  • Workspace-level automation
  • Service accounts
  • Specific repository access

4. Access Monitoring

  • Review Access: Regularly audit workspace members
  • Monitor Usage: Check Bitbucket access logs
  • Track Deployments: Monitor Dokploy deployment logs
  • Revoke on Leave: Remove access when team members leave

Advanced Configuration

Multiple Bitbucket Providers

Configure separate providers for: Different Workspaces: 
Provider 1:
  Name: Team A Workspace
  Workspace: team-a
  Credentials: App Password

Provider 2:
  Name: Team B Workspace
  Workspace: team-b
  Credentials: API Token
Different Credential Types: 
Provider 1:
  Name: Personal Repos
  Auth: App Password
  Workspace: (empty)

Provider 2:
  Name: Company Repos
  Auth: API Token
  Workspace: company-workspace

Submodule Support

Enable submodules in your application settings:
  1. Toggle Enable Submodules
  2. Ensure submodule repositories are accessible with same credentials
  3. Submodules must use HTTPS URLs
Clone with submodules: 
git clone --branch main --depth 1 --recurse-submodules \
  https://credentials@bitbucket.org/owner/repo.git

Repository Filtering

For workspaces with many repositories:
  1. Use different providers for different projects
  2. Organize by team or product
  3. Use workspace filtering

Comparison with Other Providers

FeatureBitbucketGitHubGitLab
OAuth Flow❌ No✅ Yes✅ Yes
App Passwords✅ Yes❌ No❌ No
API Tokens✅ Yes✅ Yes✅ Yes
Webhooks🔜 Soon✅ Yes🔜 Soon
Auto Refresh❌ N/A✅ Yes✅ Yes
Self-Hosted❌ No❌ No✅ Yes

Limitations

Current limitations of Bitbucket integration:
  • No Webhook Support: Automatic deployments require manual triggers
  • No Server Version: Bitbucket Server/Data Center not supported (only Cloud)
  • No OAuth: Uses direct authentication instead of OAuth flow
  • Manual Token Rotation: App passwords and tokens don’t auto-refresh

Future Enhancements

Planned improvements:
  • Webhook Support: Automatic deployments on push
  • Bitbucket Server: Support for self-hosted Bitbucket
  • Deploy Keys: SSH-based authentication
  • Pull Request Previews: Preview deployments for PRs

Next Steps

Deploy an Application

Create your first deployment from Bitbucket

GitHub Integration

Compare with GitHub integration

GitLab Integration

Compare with GitLab integration

Git Providers Overview

Compare all Git provider options