Skip to main content

Overview

Backline integrates with Bitbucket to automatically create secure pull requests that remediate known vulnerabilities in your repositories. This streamlines the remediation process and helps keep your codebase secure.

What You Can Do

With the Bitbucket integration, Backline can:
  • Access your Bitbucket repositories and workspaces
  • Analyze dependencies and identify risks
  • Create pull requests with automated security fixes
  • Monitor remediation status across Bitbucket projects

Prerequisites

Before connecting Bitbucket, ensure you have:
  • A Bitbucket workspace with appropriate access
  • Ability to create a service account with Admin role
  • Access to generate API tokens for the service account

Connecting Bitbucket

1

Create Service Account

Create a Bitbucket service account with Admin role scoped to a single workspace. This dedicated account will be used exclusively for Backline’s integration.
2

Generate API Token

In Bitbucket, navigate to your service account settings and create an API token with the required permissions (listed below).
3

Go to Integration Hub

In Backline, navigate to Integrations from the main menu.
4

Select Bitbucket

Find and click on the Bitbucket integration card.
5

Enter Credentials

Provide your service account details:
  • Atlassian Account Email: The email address of your Bitbucket service account
  • API Token: The API token generated in Step 2
6

Verify Connection

Click Connect to verify your credentials. Once verified, Backline will securely link to your Bitbucket workspace and enable automated remediation.

API Token Configuration

The API token is used to authenticate with the Bitbucket API. This token must have access to the required repositories, pull requests, pipelines, and webhooks.

Required Scopes

Configure your Bitbucket API token with the following scopes: Read Permissions:
  • read:account - Access account information
  • read:project:bitbucket - Read project details
  • read:pullrequest:bitbucket - View pull requests
  • read:repository:bitbucket - Access repository content
  • read:user:bitbucket - Read user information
  • read:webhook:bitbucket - View webhook configurations
  • read:workspace:bitbucket - Access workspace details
  • read:pipeline:bitbucket - Monitor pipeline status
Write Permissions:
  • write:pullrequest:bitbucket - Create and update pull requests
  • write:repository:bitbucket - Make changes to repositories
  • write:webhook:bitbucket - Configure webhooks for event notifications
These permissions allow Backline to access your repositories and create pull requests for security fixes while maintaining visibility into your workspace structure.

After Connection

Once Bitbucket is connected, Backline will:
  1. Index your repositories
  2. Generate remediation plans for vulnerabilities from those repositories
  3. Create pull requests for automated fixes

Managing the Integration

Modifying Repository Access

To change which repositories Backline can access:
  1. Go to your Bitbucket workspace settings
  2. Navigate to OAuth consumers
  3. Find Backline and adjust permissions