When you have a git repo checked out, and want to use it with say intellij, it asks for username and password. At this point you need to create an "app password" in settings in BB.
The issue is that it gives you a list of low level permissions, without guidance on what is needed for an IDE.
E.g. I don't know what "workspace membership" is, or whether IDE needs read or write or both.
Does anyone have a handy or recommended set of permissions for an IDE to do IDE stuff for software development (commit, pull, git blame, branch, clone etc.) in a corporation?
The danger is that devs just give all permissions, including admin and delete.
Hi @SH,
Git clients need to be able to communicate with Bitbucket Cloud to clone a repo, pull from it, and push changes. For these operations, Repositories - Read and Repositories - Write permissions are enough. Commit, git blame, and creating a new branch locally are operations done on your local repo, so the client doesn't need to communicate with Bitbucket to perform these.
Some Git clients may perform additional operations, e.g. have an option to add your Bitbucket account. This is the case with SourceTree, but I'm not sure if certain IDEs have added similar functionality. The app password needs to have Account - Read permissions as well if there's an option to add your Bitbucket account to the IDE.
The operations that the IDE performs with these credentials determine what kind of permissions are needed. For the operations you listed, Repositories - Read and Repositories - Write permissions are enough.
Please feel free to reach out if you have any questions!
Kind regards,
Theodora
Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.