Request only the Bitbucket OAuth scopes your application needs

When signing in using Bitbucket, you redirect the user to https://bitbucket.org/api/1.0/oauth/authenticate?oauth_callback=https%3A%2F%2Fwww.versioneye.com%2Fauth%2Fbitbucket%2Fcallback&oauth_token=[token].

No access scopes are requested explicitly, and Bitbucket seems to interpret that as you requesting all scopes. It's not clear to me if Bitbucket's OAuth 1.0 implementation supports scopes, so you may need to upgrade to OAuth 2.0