Find all the keys for the currently authenticated user. Optionally, users with ADMIN and higher permissions may choose to specify the user parameter to retrieve GPG keys for another user.
Only authenticated users may call this endpoint.
string
number
number
Returns a paged response of of keys for the user.
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/gpg/latest/keys' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
{
"values": [
{
"expiryDate": 61550496000000,
"fingerprint": "43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8",
"emailAddress": "bitbucket@example.com",
"subKeys": [],
"id": "00000000000004d2"
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Add a GPG key to the authenticated user's account. Optionally, users with ADMIN and higher permissions may choose to specify the user parameter to add a GPG key for another user.
Only authenticated users may call this endpoint.
string
The request body.
string
Response contains the GPG key that was just created.
1
2
3
4
5
6
7
curl --request POST \
--url 'http://{baseurl}/rest/gpg/latest/keys' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"text": "-----BEGIN PGP SIGNATURE-----\n\niQEzBAABCAAdFiEEM8MrWnoxlp3K1lFY5BMGiWNefn4FAlkqKE4ACgkQ5BMGiWNe\nfn6/kggAyzKhDDqdVb3Rq02hiSqeqKa1JuKRqDmzIpa6Pxa+1CpCnxwaIVrGgIii\nvj0ZNJzL1Bm2xm0JasotJDiZq5pFKi0FfQ0WmskuhsW1VY/f08TltHpHvK2kHVRr\nGEMVDUb0nj0I7Duc8XTipiYoDGS1GvydNR/bu3SsFTcZyapXirQcTCRT6/Sn0/IP\npUeIwQo1qK4e8gTOhWhfWEiVig39lQhiZFtm5S/vfAY72/Rgp68zMYmwasMSnBgF\n/LLFW6lXAqZIoAP8AnmsMRjCH6mS98+/lxKq2+K71+2YUUIAnNEeO09Lufo3B3Da\nPbs7BpD28w4lKlzb2EQ0n0C9rrxdPA==\n=VZpm\n-----END PGP SIGNATURE-----\n"
}'1
2
3
4
5
6
7
{
"expiryDate": 61550496000000,
"fingerprint": "43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8",
"emailAddress": "bitbucket@example.com",
"subKeys": [],
"id": "00000000000004d2"
}Delete all GPG keys for a supplied user.
string
The GPG keys matching the supplied user were deleted.
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/gpg/latest/keys'Delete the GPG key with the specified ID or Key Fingerprint.
string
RequiredThe key has been deleted successfully.
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/gpg/latest/keys/{fingerprintOrId}'Find repository secret scanning allowlist rules by filtering.
Repository Admin is required
string
Requiredstring
Requiredstring
string
number
number
Page of allowlist rules
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/allowlist' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
"values": [
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Create a new repository secret scanning allowlist rule. Repository allowlist rules are used when scanning the given repository.
Repository Admin is required
string
Requiredstring
RequiredAllowlist rule to create, either the line regular expression or the path regular expression must be present
string
string
string
The created rule
1
2
3
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/allowlist' \
--header 'Accept: application/json'1
2
3
4
5
6
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}Get a repository secret scanning allowlist rule by ID.
Repository Admin is required
string
Requiredstring
Requiredstring
RequiredThe requested allowlist rule
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/allowlist/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}Edit a repository secret scanning allowlist rule.
Repository Admin is required
string
Requiredstring
Requiredstring
Requiredstring
string
string
The updated allowlist rule
1
2
3
curl --request PUT \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/allowlist/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}Delete a repository secret scanning allowlist rule with the provided ID.
Repository Admin is required
string
Requiredstring
Requiredstring
RequiredEmpty response indicating that the allowlist rule was deleted
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/allowlist/{id}'Check whether a repository is exempt from secret scanning
This request has no parameters.
True if the repository is exempt from secret scanning, false otherwise
any
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/exempt' \
--header 'Accept: application/json'Exempt a repository from being scanned for secrets
Deprecated since 8.6. Exemptions are now managed by scope. Use POST /rest/api/1.0/secret-scanning/exempt for global scope Use POST /rest/api/1.0/projects/{projectKey}/secret-scanning/exempt for the project scope
This request has no parameters.
An exempt repo was added
1
2
curl --request PUT \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/exempt'Remove a repository from being exempt from secret scanning
This request has no parameters.
Empty response indicating that the exempt repository was deleted
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/exempt'Find repository secret scanning rules by filtering.
Repository Admin is required
string
Requiredstring
Requiredstring
string
number
number
Page of rules
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/rules' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"values": [
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Create a new repository secret scanning rule. Repository rules are used when scanning the given repository.
Repository Admin is required
string
Requiredstring
RequiredRule to create, either the line regular expression or the path regular expression must be present
string
string
string
The created rule
1
2
3
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/rules' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Get a repository secret scanning rule by ID.
Repository Admin is required
string
Requiredstring
Requiredstring
RequiredThe requested rule
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/rules/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Edit a repository secret scanning rule.
Repository Admin is required
string
Requiredstring
Requiredstring
Requiredstring
string
string
The updated rule
1
2
3
curl --request PUT \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/rules/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Delete a repository secret scanning rule with the provided ID.
Repository Admin is required
string
Requiredstring
Requiredstring
RequiredEmpty response indicating that the rule was deleted
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/secret-scanning/rules/{id}'Find project secret scanning allowlist rules by filtering.
Project Admin is required
string
Requiredstring
string
number
number
Page of allowlist rules
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/allowlist' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
"values": [
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Create a new project level secret scanning allowlist rule. Project allowlist rules are used when scanning all non exempt repositories in the provided project.
Project Admin is required
string
RequiredAllowlist rule to create, either the line regular expression or the path regular expression must be present
string
string
string
The created allowlist rule
1
2
3
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/allowlist' \
--header 'Accept: application/json'1
2
3
4
5
6
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}Get a project secret scanning allowlist rule by ID.
Project Admin is required
string
Requiredstring
RequiredThe requested allowlist rule
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/allowlist/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}Edit a project secret scanning allowlist rule.
Project Admin is required
string
Requiredstring
Requiredstring
string
string
The updated allowlist rule
1
2
3
curl --request PUT \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/allowlist/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"name": "Bitbucket DC HTTP access token",
"id": 7
}Delete a project secret scanning allowlist rule with the provided ID.
Project Admin is required
string
Requiredstring
RequiredEmpty response indicating that the rule was deleted, or not found at this location
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/allowlist/{id}'Find repositories exempt from secret scanning in a project
string
number
number
Page of repositories
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/exempt' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
{
"values": [
{
"hierarchyId": "e3c939f9ef4a7fae272e",
"statusMessage": "Available",
"relatedLinks": {},
"partition": 2154,
"defaultBranch": "main",
"description": "My repo description",
"scmId": "git",
"slug": "my-repo",
"archived": true,
"forkable": true,
"project": {
"description": "The description for my cool project",
"namespace": "<string>",
"avatar": "<string>",
"scope": "PROJECT",
"name": "My Cool Project",
"key": "PRJ",
"public": true,
"id": 2154,
"type": "NORMAL"
},
"scope": "REPOSITORY",
"origin": {
"hierarchyId": "e3c939f9ef4a7fae272e",
"statusMessage": "Available",
"relatedLinks": {},
"partition": 2154,
"defaultBranch": "main",
"description": "My repo description",
"scmId": "git",
"slug": "my-repo",
"archived": true,
"forkable": true,
"project": {
"description": "The description for my cool project",
"namespace": "<string>",
"avatar": "<string>",
"scope": "PROJECT",
"name": "My Cool Project",
"key": "PRJ",
"public": true,
"id": 2154,
"type": "NORMAL"
},
"scope": "REPOSITORY",
"name": "My repo",
"public": true,
"id": 2154,
"state": "AVAILABLE"
},
"name": "My repo",
"public": true,
"id": 2154,
"state": "AVAILABLE"
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Bulk exempt a list of repositories from being scanned for secrets. User must be have PROJECT ADMIN permissions.
array<RestRepositorySelector>
truestring
string
All requested repositories were made exempt
1
2
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/exempt'Find project secret scanning rules by filtering.
Project Admin is required
string
Requiredstring
string
number
number
Page of rules
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/rules' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"values": [
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Create a new project level secret scanning rule. Project rules are used when scanning all non exempt repositories in the provided project.
Project Admin is required
string
RequiredRule to create, either the line regular expression or the path regular expression must be present
string
string
string
The created rule
1
2
3
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/rules' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Get a project secret scanning rule by ID.
Project Admin is required
string
Requiredstring
RequiredThe requested rule
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/rules/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Edit a project secret scanning rule.
Project Admin is required
string
Requiredstring
Requiredstring
string
string
The updated rule
1
2
3
curl --request PUT \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/rules/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Delete a project secret scanning rule with the provided ID.
Project Admin is required
string
Requiredstring
RequiredEmpty response indicating that the rule was deleted, or not found at this location
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/api/latest/projects/{projectKey}/secret-scanning/rules/{id}'Find all repositories exempt from secret scanning
string
number
number
Page of repositories
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/exempt' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
{
"values": [
{
"hierarchyId": "e3c939f9ef4a7fae272e",
"statusMessage": "Available",
"relatedLinks": {},
"partition": 2154,
"defaultBranch": "main",
"description": "My repo description",
"scmId": "git",
"slug": "my-repo",
"archived": true,
"forkable": true,
"project": {
"description": "The description for my cool project",
"namespace": "<string>",
"avatar": "<string>",
"scope": "PROJECT",
"name": "My Cool Project",
"key": "PRJ",
"public": true,
"id": 2154,
"type": "NORMAL"
},
"scope": "REPOSITORY",
"origin": {
"hierarchyId": "e3c939f9ef4a7fae272e",
"statusMessage": "Available",
"relatedLinks": {},
"partition": 2154,
"defaultBranch": "main",
"description": "My repo description",
"scmId": "git",
"slug": "my-repo",
"archived": true,
"forkable": true,
"project": {
"description": "The description for my cool project",
"namespace": "<string>",
"avatar": "<string>",
"scope": "PROJECT",
"name": "My Cool Project",
"key": "PRJ",
"public": true,
"id": 2154,
"type": "NORMAL"
},
"scope": "REPOSITORY",
"name": "My repo",
"public": true,
"id": 2154,
"state": "AVAILABLE"
},
"name": "My repo",
"public": true,
"id": 2154,
"state": "AVAILABLE"
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Bulk exempt a list of repositories from being scanned for secrets. User must be have global ADMIN permissions.
array<RestRepositorySelector>
truestring
string
All requested repositories were made exempt
1
2
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/exempt'Find global secret scanning rules by filtering.
string
string
number
number
Page of rules
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/rules' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"values": [
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}
],
"size": 1,
"isLastPage": true,
"nextPageStart": 2154,
"start": 2154,
"limit": 25
}Create a new global secret scanning rule. Global rules are used when scanning all non exempt repositories.
Rule to create, either the line regular expression or the path regular expression must be present
string
string
string
The created rule
1
2
3
curl --request POST \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/rules' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Get a global secret scanning rule by ID.
string
RequiredThe requested rule
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/rules/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Edit an existing global secret scanning rule
string
Requiredstring
string
string
The updated rule
1
2
3
curl --request PUT \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/rules/{id}' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
{
"lineRegex": "(BBDC-[a-zA-Z0-9+]{44})",
"pathRegex": "*.pem",
"scope": {
"resourceId": 2,
"type": "GLOBAL"
},
"name": "Bitbucket DC HTTP access token",
"id": 7
}Delete a global secret scanning rule with the provided ID
string
RequiredEmpty response indicating that the rule was deleted
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/api/latest/secret-scanning/rules/{id}'Rate this page: