20

I have found bitbucket api like:

https://bitbucket.org/api/2.0/repositories/{teamname}

But this link return 301 status (moved permanently to !api/2.0/repositories/{teamname}).

Ok, but this one returns status 200 with zero repositories.

I provide two parameters as user and password, but nothing seems changed.

So, can anybody answer how to get full list of private repositories that allowed to specific user?

Daniel Andrei Mincă
  • 4,446
  • 2
  • 19
  • 30
gaussblurinc
  • 3,642
  • 9
  • 35
  • 64
  • The first endpoint [works just fine](https://bitbucket.org/api/2.0/repositories/gentlero) for me. Remember that you need to authenticate in order to see the private repositories and you must be member of that team and have at least read access to the repositories. – Alexandru Guzinschi May 17 '14 at 16:50
  • 1
    I feel like the bitbuket API is so bad, nobody knows how to do things with it. – AFP_555 May 13 '19 at 04:10

5 Answers5

24

Atlassian Documentation - Repositories Endpoint provides a detail documentation on how to access the repositories.

The URL mentioned in bitbucket to GET a list of repositories for an account is:

GET https://api.bitbucket.org/2.0/repositories/{owner}

If you use the above URL it always retrieves the repositories where you are the owner. In order to retrieve full list of repositories that the user is member of, you should call:

GET https://api.bitbucket.org/2.0/repositories?role=member

You can apply following set of filters for role based on your needs.

To limit the set of returned repositories, apply the role=[owner|admin|contributor|member] parameter where the roles are:

  • owner: returns all repositories owned by the current user.
  • admin: returns repositories to which the user has explicit administrator access.
  • contributor: returns repositories to which the user has explicit write access.
  • member: returns repositories to which the user has explicit read access.

Edit-1:
You can make use of Bitbucket REST browser for testing the request/response.(discontinued)

blizzard
  • 5,275
  • 2
  • 34
  • 48
  • 1
    OP (and I posthumously) want this information relative to a specific user rather than the current user. This functionality appeared to be available in [v1 API as the privileges endpoint](https://confluence.atlassian.com/bitbucket/privileges-endpoint-296093145.html#privilegesEndpoint-GETalistofindividualuserprivilegesgrantedonarepository), however [v2 doesn't appear to have same endpoint](https://developer.atlassian.com/bitbucket/api/2/reference/resource/). – andyfeller May 18 '17 at 13:02
  • 1
    @user771555 v2 API is not a complete replacement for v1. If v2 API does not have an endpoint -- and the functionality has not been moved to a completely different endpoint -- you can continue to use the v1 API endpoints. For example, as of writing this the "privileges " endpoint still only exists in v1 API at https://api.bitbucket.org/1.0/privileges and there is no v2 implementation of that, but the v1 endpoint functions without issues. (Also, did you die? re:posthumously) – simpleuser Sep 30 '17 at 19:14
  • LInk to API 2.0 reference for repositories https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories – thun Mar 27 '18 at 01:18
  • 7
    Nowhere in their documentation did they mention that the base URL is `https://api.bitbucket.org`, which is horribly stupid. – qed Sep 09 '18 at 20:41
  • 1
    There's pagination here, is there some way to get all pages in one GET request? – Alexander Mills May 10 '19 at 18:56
  • Documentation doesn't talk about this filtering option. Where do you know this from and where can one read about it more? – Martynas Sep 06 '19 at 10:03
1

You should not use the API from the https://bitbucket.org/api domain.

Instead, you should always use https://api.bitbucket.org.

Now one reason you might be getting an empty result after following the redirect could be because some http clients will only send Basic Auth credentials if the server explicitly asks for them by returning a 401 response with the WWW-Authenticate response header.

The repositories endpoint does not require authentication. It will simply return the repos that are visible to anonymous users (which might well be an empty set in your case) and so clients that insist on a WWW-Authenticate challenge (there are many, including Microsoft Powershell) will not work as expected (note, curl always sends Basic Auth credentials eagerly, which makes it a good tool for testing).

Erik van Zijst
  • 2,282
  • 2
  • 17
  • 14
1

Unfortunately, from what I see in the documentation, there is no way to list all private repositories which the user has access to.

GET https://api.bitbucket.org/2.0/repositories

"Returns a paginated list of all public repositories." according to the doco.

GET https://api.bitbucket.org/2.0/repositories/{owner}

"Returns a paginated list of all repositories owned by the specified account or UUID." according to the doco.

So, getting all private repositories not necessarily owned by the user is either not possible, or I haven't found the right endpoint, or the documentation is inacurate.

Fletch
  • 4,829
  • 2
  • 41
  • 55
1

None of the answers above worked for me, so this is what I did. We'll use the Bitbucket REST API.

Authentication

You can't use your normal credentials. I created an API Password. I'm not sure how to get to this page via your browser, but go here: https://bitbucket.org/account/settings/app-passwords/

Create an App Password, then cut and save the password that Atlassian generates for you.

Curl

curl --user your_username:your_app_password https://api.bitbucket.org/2.0/repositories/your_workspace?pagelen=100

I piped that to jq and saved it to a file.

your_workspace you get from looking at the URL of any of your repositories.

Paging

The maximum pagelen appears to be 100. If you have more than 100 repos, then you might have to do this:

curl --user your_username:your_app_password https://api.bitbucket.org/2.0/repositories/your_workspace?pagelen=100&page=2

The JSON

The JSON isn't too bad. You want the "values" array. From there, look at links.clone, which might have two entries like this:

    "clone": [
      {
        "href": "https://user@bitbucket.org/WORKSPACE/REPO.git",
        "name": "https"
      },
      {
        "href": "git@bitbucket.org:WORKSPACE/REPO.git",
        "name": "ssh"
      }
    ],

That's a cut & paste from my results with personal info changed. Also useful are two other fields:

  "full_name": "WORKSPACE/repo",
  "name": "Repo",
Joseph Larson
  • 8,530
  • 1
  • 19
  • 36
0

Expanding on blizzard's answer, here's a little node.js script I just wrote:

import axios from 'axios';
import fs from 'fs';


async function main() {
    const bitbucket = axios.create({
        baseURL: 'https://api.bitbucket.org/2.0',
        auth: {
            username: process.env.BITBUCKET_USERNAME!,
            password: process.env.BITBUCKET_PASSWORD!,
        }
    });

    const repos = [];
    let next = 'repositories?role=member';

    for(;;) {
        console.log(`Fetching ${next}`)
        const res = await bitbucket.get(next);
        if(res.status < 200 || res.status >= 300) {
            console.error(res);
            return 1;
        }
        repos.push(...res.data.values);
        if(!res.data.next) break;
        next = res.data.next;
    }
    console.log(`Done; writing file`);
    await fs.promises.writeFile(`${__dirname}/../data/repos.json`,JSON.stringify(repos,null,2),{encoding:'utf8'});
}


main().catch(err => {
    console.error(err);
});
mpen
  • 272,448
  • 266
  • 850
  • 1,236