Delete repo v2 api returns deprecated response (BB-13649)
Issue #11466
resolved
We have a script cleaning up repositories used for deployment of applications. This involves deleting and creating repos, but within the last week the delete a repo api has stopped working.
Here is a quick curl example to reproduce curl -sX DELETE -u $apikey:x-oauth-basic -H "Content-Type: application/json" https://api.bitbucket.org/2.0/repositories/$bitbucket_user/$bitbucket_repo
Response {"error": {"message": "This API has been deprecated and is not available through OAuth2 or JWT"}}
Comments (15)
-
Jesse Yowell staff
-
Jesse Yowell staff
- changed status to open
-
Erik van Zijst staff
That looks like a regression. The team API keys do not have scopes and should not have this restriction. We'll fix this and keep you posted here on the issue tracker.
-
Erik van Zijst staff
-
assigned issue to
Erik van Zijst
-
assigned issue to
-
Erik van Zijst staff
- changed status to resolved
This should now be fixed.
-
Jesper Pedersen reporter
I can confirm that delete works for me now
-
Mike Hughes
@Erik van Zijst If I'm reading this correctly, you can delete repos with your team API key but not with an OAuth2 token, correct?
-
Erik van Zijst staff
That is correct.
We're planning on deprecating Team API Keys in exchange for regular scoped OAuth 2 tokens that do not expire (that by extension will also not be able to delete repos and accounts). We have no ETA or deprecation timeline as of yet though.
Note that the inability to delete certain resources is not necessarily a final decision. We might in the future decide to offer it through a yet to be defined privilege scope.
-
Mike Hughes
@Erik van Zijst thanks for the response. I am not allowing my app to actually delete repos although I was trying to mass delete a bunch of repos through the API that i set up for testing.... Is there a quick way to delete multiple repos that doesn't involve 5 clicks :)
-
Erik van Zijst staff
Is there a quick way to delete multiple repos that doesn't involve 5 clicks :)
You could delete the entire account ;-) But, no.
-
Tommy Schaefer
I just ran into this as well and was rather confused until I found this issue. Would it be possible to add a "Deprecated" label to the v2 API Documentation like the v1 documentation?
-
Erik van Zijst staff
We're not really ready to announce deprecation of API keys as we don't have a useable replacement ready. We are currently working on "application passwords" like I mentioned above (essentially scoped OAuth 2 tokens without expiration), but I have no ETA. Once we release that, we'll officially deprecate API keys.
-
tpiha
I don't understand why I can't delete the repo with oauth token. It's not mentioned anywhere. Before reading it in this thread, I didn't even know about some "team key", why isn't that mentioned in the docs? The method is documented exactly the same as all the other ones, why should developer expect the deprecation warning here? This API is in very, very, very bad state, it's really disappointing.
Also, base urls for the api are all over the place in the docs. Sometimes it's https://api.bitbucket.org/2.0/ and sometimes it's https://bitbucket.org/api/2.0/.
-
Erik van Zijst staff
Agreed that the documentation leaves quite bit to be desired. We're currently busy overhauling that and replacing it with an auto generated alternative that should address the issue of the docs getting stale and inconsistent.
-
tpiha
Glad to hear that Eric!
- Log in to comment
Issue
#11470was marked as a duplicate of this issue.