OAuth 2.0 API Password Credentials Grant stopped working

Issue #16985 resolved
Mark Cerezo staff created an issue

Summary

Resource Owner Password Credentials Grant (4.3) has stopped working this month. https://developer.atlassian.com/cloud/bitbucket/oauth-2/

Steps to reproduce:

$ curl -X POST -u "client_id:secret" \
       https://bitbucket.org/site/oauth2/access_token -d grant_type=password \
       -d username=my_username -d password=my_password
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   168  100    93  100    75     50     40  0:00:01  0:00:01 --:--:--    90{"error_description": "Invalid resource owner username/password", "error": "invalid_request"}

Expected Results

Password Credentials Grant Rest API should be working

Actual Results

Password Credentials Grant Rest API stopped working

Workaround

Use an App password as authentication for API calls. For example:

CURL https://api.bitbucket.org/2.0/repositories/username/repository_name -u usename:YOUR_APP_PASSWORD

Comments (7)

  1. Colorfield Git User

    This bug is a showstopper for me. The workaround you provide would require too much rework on my side. I appreciate there are lots of other issues looking at the master list but can we please at least assign someone to start investigating/fixing this?

  2. b7a.demo@gmail.com

    Today I experienced the same issue. It has been working few months earlier. But today I got the same error response reported.

    {"error_description": "Invalid resource owner username/password", "error": "invalid_request"}
    
  3. Log in to comment