Bitbucket
Connect Bitbucket Cloud using OAuth or an App password
Bitbucket Cloud supports two auth methods: OAuth 2.0 (recommended) or an App password. OAuth refreshes automatically; App passwords are simpler for one-off testing.
Bitbucket Cloud only — Bitbucket Server / Data Center isn't currently supported. Reach out at support@sigsentry.com if that matters to you.
Recommended: OAuth 2.0
Click "Connect Bitbucket via OAuth"
In the dashboard under Project → Code Repos → Connect repository → Bitbucket → OAuth, you're redirected to Bitbucket's OAuth consent flow.
Authorize the requested scopes
Bitbucket asks you to grant SigSentry these permissions:
| Permission | Why |
|---|---|
repository:read | Read file contents, commits, branches |
account:read | Read your workspace info |
Click Grant access.
Return to SigSentry
Bitbucket redirects back. The access and refresh tokens are stored encrypted; SigSentry refreshes them automatically near expiration. Your workspace slug (the username or organization slug) is detected and stored automatically.
Configure repos
| Field | Value |
|---|---|
| Repositories | One per line, in workspace/repo-slug format. e.g. acme/checkout-api |
| Lookback days | Default 30 |
Save
Click Save. Run an analysis to confirm code correlation works.
Fallback: App password
Generate an App password
In Bitbucket, Personal settings → App passwords → Create app password.
| Setting | Value |
|---|---|
| Label | sigsentry-readonly |
| Permissions | Repositories: Read, Account: Read |
Click Create. Copy the App password — shown only once.
Add in SigSentry
Project → Code Repos → Connect repository, pick Bitbucket and App password.
| Field | Value |
|---|---|
| Username | Your Bitbucket username (not email) |
| App password | The App password you generated |
| Repositories | One per line, workspace/repo-slug format |
| Lookback days | Default 30 |
Save
Click Save.
How tokens are refreshed
OAuth tokens refresh automatically as needed. App passwords don't expire on their own — you have to revoke them in Bitbucket.
Revoking access
| For | Action |
|---|---|
| OAuth | Bitbucket → Workspace settings → OAuth consumers → revoke |
| App password | Bitbucket → Personal settings → App passwords → revoke |
Troubleshooting
| Error | Fix |
|---|---|
401 Unauthorized | Token expired or App password revoked; re-authorize |
403 Forbidden | Token lacks repository:read |
404 Not Found | Repo slug typo, or repo is in a different workspace |
| Diffs missing file counts | Bitbucket's diff API doesn't return file stats — we parse the full diff to count |