Hello - At our organization, we are trying to get all the employees to enable 2FA for their Bitbucket accounts. We are looking for a way to validate if a user has enabled 2FA or not. At the moment, I can get this done in only one way, that is by getting Atlassian Access - I can enforce and get a report from the Managed Accounts page.
Is there an API or a place that can generate a report of all users who enabled 2FA themselves on Bitbucket?
I built a Bitbucket Pipeline scheduled job for this.
This sends me a mail every day with all names of users and a 2FA indicator.
I have to send the mail from our internal mailer, so I need to run it on a runner.
You can remove it if you can send mail from the internet.
Forgive the yml aligning but the comments here are not code friendly.
image: atlassian/default-image:3
pipelines:
  default:
    - step:
        name: 'Gather Infos about User'
        # Can be removed when you have SMTP on the internet
        runs-on:
          - 'self.hosted'
        script:
          # Builds one HTML table row per member; only the first page of members is returned
          - LIST=$(curl -u "${BB_USERNAME}:${BB_APPSECRET}" "https://api.bitbucket.org/2.0/workspaces/${BITBUCKET_WORKSPACE}/members?fields=%2Bvalues.user.has_2fa_enabled" | jq -r '.values[].user | "<tr><th>"+ .display_name +"</th><td>"+ (.has_2fa_enabled|tostring)+"</td></tr>"')
          - echo "$LIST"
          - pipe: atlassian/email-notify:0.13.1
            variables:
              FROM: '${MAIL_FROM}'
              TO: '${MAIL_TO}'
              HOST: '${MAIL_HOST}'
              PORT: '${MAIL_PORT}'
              SUBJECT: '${MAIL_SUBJECT}'
              BODY_PLAIN: '<table><tr><th>Name</th><th>2FA aktiviert</th></tr>${LIST}</table>'
I am addressing this currently in 2 steps:
Step 1:
Running the curl requests (for page 1 and page 2 - because I know the number of users on our account is less than 200. Number of users per page is hard limited to 100 by Atlassian)
curl -s --user <Username>:<ApiKey> "https://api.bitbucket.org/2.0/teams/<Org>/members?pagelen=100&page=1" | json_pp | pbcopy
curl -s --user <Username>:<ApiKey> "https://api.bitbucket.org/2.0/teams/<Org>/members?pagelen=100&page=2" | json_pp | pbcopy
Paste the contents in an Excel sheet after each curl request
Step 2:
Apply filters and look for has_2fa_enabled flag for each user and filter them
To make my life easier I wrote a py script that can do this for me and send list to slack channel.
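The page-by-page collection and filtering described in the posts above, as an added example that is not part of any original post: it follows the API's `next` links instead of hard-coding page numbers and groups users by their `has_2fa_enabled` flag. The sample responses are constructed, and treating a missing or null flag as "unknown" is an assumption.

```python
import base64
import json
import urllib.request

# Endpoint and fields parameter as used in the pipeline earlier on this page.
MEMBERS_URL = ("https://api.bitbucket.org/2.0/workspaces/{ws}/members"
               "?pagelen=100&fields=%2Bvalues.user.has_2fa_enabled")

def http_get_json(url, username, secret):
    """Fetch one page of the API with HTTP Basic auth."""
    token = base64.b64encode(f"{username}:{secret}".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def iter_users(first_url, fetch):
    """Yield each member's user object, following 'next' until the last page."""
    url, seen = first_url, set()
    while url:
        if url in seen:  # guard against a 'next' link that loops
            raise RuntimeError(f"pagination loop at {url}")
        seen.add(url)
        page = fetch(url)
        for member in page.get("values", []):
            yield member.get("user", {})
        url = page.get("next")

def audit_2fa(first_url, fetch):
    """Group display names by 2FA state; a missing or null flag is 'unknown'."""
    report = {"enabled": [], "disabled": [], "unknown": []}
    for user in iter_users(first_url, fetch):
        flag = user.get("has_2fa_enabled")
        state = "enabled" if flag is True else "disabled" if flag is False else "unknown"
        report[state].append(user.get("display_name", "<no name>"))
    return report

# Constructed sample responses (two pages), keyed by URL, so this runs offline.
SAMPLE_PAGES = {
    "page1": {"values": [{"user": {"display_name": "Alice Example", "has_2fa_enabled": True}},
                         {"user": {"display_name": "Bob Example", "has_2fa_enabled": False}}],
              "next": "page2"},
    "page2": {"values": [{"user": {"display_name": "Carol Example", "has_2fa_enabled": None}},
                         {"user": {"display_name": "Dave Example"}}]},
}

if __name__ == "__main__":
    # Live use (assumption): audit_2fa(MEMBERS_URL.format(ws="<Org>"),
    #     lambda u: http_get_json(u, "<Username>", "<ApiKey>"))
    print(json.dumps(audit_2fa("page1", SAMPLE_PAGES.__getitem__), indent=2))
```

Keeping "unknown" separate from "enabled" means an account whose flag the API did not return is followed up rather than silently counted as compliant.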
How do I generate the API keys? The password didn't work here. And is this API endpoint still working? The docs say it's deprecated.
Hey @suraj !
Just came across this thread and found that your question was left unanswered. I hope you have already found how API Keys can be generated.
In case not, here are some resources that can help you with this:
API Keys for Organizations:
Access to admin.atlassian.com. Select the correct organization if you have more than one.
Go to Settings > API keys.
Click Create API key in the top right.
Enter a name that you’ll remember to identify the API key.
Change the expiration date if you'd like by picking a new date under Expires on. By default, the key expires one week from the creation date.
Select Create to save the API key.
Copy the values for your Organization ID and API key. You'll need those to use the API key.
Keep in mind it isn't possible to view the token after closing the creation dialog for security purposes.
API Keys For Products:
To create an API Key to use in your Atlassian Cloud products, you must:
Log in to https://id.atlassian.com/manage-profile
Navigate to Security and click "Create and manage API tokens"
Click Create API token.
From the dialog that appears, enter a memorable and concise Label for your token and click Create.
Click Copy to clipboard, then paste the token to your script, or elsewhere to save.
You can find more information about those in the following help articles:
Hello @Ganesh Narasimhadevara,
Thanks for reaching out.
I'm not sure there's a reporting mechanism available for this yet. However, you can enforce two-factor authentication for a Bitbucket team if it is on a Premium plan.
Hope this helps.
Cheers,
Daniil