Bitbucket API user access

1
votes

Implementing a PHP Bitbucket API service for a website. One thing I need to do is give a bitbucket user (could be anyone at all as long as they have a bitbucket account) access to a private repository and be able to pull the repo down via composer.

  • Is this possible by the Bitbucket API?
  • Should I be giving the user just standard read access to the repo?
  • If thats the case what happens with SSH keys? How would I handle that?
  • OR should I use the deployment keys feature? Is this available via the API?

If you know of any documentation apart from the official ones that might highlight some of these features slightly better, it would be greatly appreciated.

Thankyou

2
apiauthenticationbitbucketssh-keysbitbucket-api
Not sure I understand the question. Do you want to allow any Bitbucket user to clone your repo? If so, why not just make it public?Erik van Zijst

2 Answers

0
votes

To give a user access to a repository through the API: https://confluence.atlassian.com/display/BITBUCKET/privileges+Endpoint#privilegesEndpoint-PUTanewprivilege

If all you need is the ability to clone, then "read" permission is sufficient.

HTTPS vs SSH is orthogonal. Once a user has access, it is up to them to choose the protocol.

Deploy keys are another option is all you need to the ability to clone a repo over SSH (not HTTPS), but it sounds like that may not be a very good fit for what you're trying to do.

0
votes

The user would need access to the repository... read access is fine

now since your repository is a private one, it's not hosted on packagist, i'm assuming...

so your composer config, well at least the way we do it in our workspace could be as follows:

{
  "name" : "bitbucket-users-project-name",
  "author" : "bitbucket-users-name",
  "repositories": [
    {
      "type": "git",
      "url": "[email protected]:your-username/your-repo-name.git"
    }
  ],
  "require" : {
    "your-repo-composer--name" : "version.number.here"
  }
}

for testing purposes you could use dev-master instead of version.number.here

now since you're using the ssh git url, that user would require their ssh key added to their own account