JupiterOne provides a managed integration with Bitbucket. The integration connects directly to Bitbucket APIs to obtain account metadata and analyze resource relationships. Customers authorize access by creating a Bitbucket OAuth App in their account and providing the app credentials to JupiterOne.
Integration Instance Configuration¶
The integration is triggered by an event containing the information for a specific integration instance.
The integration instance configuration requires the customer’s Bitbucket OAuth
clientSecret to authenticate requests to the Bitbucket REST
APIs. The integration requires Read access to the target Account, Team
Membership, Projects, and Repositories.
See the following screenshot for an example configuration within a Bitbucket Team Settings, note the required and optional settings.
BitBucket OAuth Example Config
Pull requests read permission is needed to ingest PRs. The PR entities serve as code review records for security and compliance.
The following entity resources are ingested when the integration runs:
|Bitbucket Entity Resource||_type : _class of the Entity|
The following relationships are created/mapped:
Basic relationships within the integration instance account/resources¶