Let's get to know Bitbucket
Bitbucket is a Git-based source code repository hosting service owned by Atlassian. Bitbucket offers both commercial plans and free accounts with an unlimited number of private repositories.

Bitbucket server

  • - if you are using the public SaaS Bitbucket server, you can use either "Identity provider" or "Token" login. The Token option has by default the address of the SaaS server.
  • Bitbucket Enterprise - if you are using a private Bitbucket installation, use "Token" login and provide the Bitbucket server URL on the "Token" login tab.

Connection options

  • Identity Provider - just click “Connect” under the “Identity Provider” tab and follow the instructions on the screen.
BitBucket connector
  • Username and Password - Create an App password in BitBucket with the permissions mentioned below, enter your username in the username field, copy the password into the password field and click “Connect”.
bitBucket Token

Permissions required

  • Account - Read and Write
  • Workspace memberships - Read and Write
  • Projects - Write and Admin
  • Repositories - Write and Admin
  • Pull requests - Read and WRite
  • Issues - Read and Write
  • Snippets - Read
  • Webhooks - Read and write
  • Pipelines - Read
  • Runners - Read
Once you have verified BitBucket connectivity, you can see all of the repositories and can select them for scanning.

Setting repositories' scope

You can use the "Gear" icon to choose the repositories' scope OX will cover. Only repositories chosen here will be covered and scanned.
Here you can also decide what will happen by default with newly discovered repositories.