How to get a full list of repositories that a user is allowed to access?

Question

I have found bitbucket api like:

https://bitbucket.org/api/2.0/repositories/{teamname}

But this link return 301 status (moved permanently t

Answer 1

Unfortunately, from what I see in the documentation, there is no way to list all private repositories which the user has access to.

GET https://api.bitbucket.org/2.0/repositories

"Returns a paginated list of all public repositories." according to the doco.

GET https://api.bitbucket.org/2.0/repositories/{owner}

"Returns a paginated list of all repositories owned by the specified account or UUID." according to the doco.

So, getting all private repositories not necessarily owned by the user is either not possible, or I haven't found the right endpoint, or the documentation is inacurate.

Answer 2

Expanding on blizzard's answer, here's a little node.js script I just wrote:

import axios from 'axios';
import fs from 'fs';


async function main() {
    const bitbucket = axios.create({
        baseURL: 'https://api.bitbucket.org/2.0',
        auth: {
            username: process.env.BITBUCKET_USERNAME!,
            password: process.env.BITBUCKET_PASSWORD!,
        }
    });

    const repos = [];
    let next = 'repositories?role=member';

    for(;;) {
        console.log(`Fetching ${next}`)
        const res = await bitbucket.get(next);
        if(res.status < 200 || res.status >= 300) {
            console.error(res);
            return 1;
        }
        repos.push(...res.data.values);
        if(!res.data.next) break;
        next = res.data.next;
    }
    console.log(`Done; writing file`);
    await fs.promises.writeFile(`${__dirname}/../data/repos.json`,JSON.stringify(repos,null,2),{encoding:'utf8'});
}


main().catch(err => {
    console.error(err);
});

Answer 3

You should not use the API from the https://bitbucket.org/api domain.

Instead, you should always use https://api.bitbucket.org.

Now one reason you might be getting an empty result after following the redirect could be because some http clients will only send Basic Auth credentials if the server explicitly asks for them by returning a 401 response with the WWW-Authenticate response header.

The repositories endpoint does not require authentication. It will simply return the repos that are visible to anonymous users (which might well be an empty set in your case) and so clients that insist on a WWW-Authenticate challenge (there are many, including Microsoft Powershell) will not work as expected (note, curl always sends Basic Auth credentials eagerly, which makes it a good tool for testing).

Answer 4

Atlassian Documentation - Repositories Endpoint provides a detail documentation on how to access the repositories.

The URL mentioned in bitbucket to GET a list of repositories for an account is:

GET https://api.bitbucket.org/2.0/repositories/{owner}

If you use the above URL it always retrieves the repositories where you are the owner. In order to retrieve full list of repositories that the user is member of, you should call:

GET https://api.bitbucket.org/2.0/repositories?role=member

You can apply following set of filters for role based on your needs.

To limit the set of returned repositories, apply the role=[owner|admin|contributor|member] parameter where the roles are:

• owner: returns all repositories owned by the current user.
• admin: returns repositories to which the user has explicit administrator access.
• contributor: returns repositories to which the user has explicit write access.
• member: returns repositories to which the user has explicit read access.

Edit-1:
You can make use of Bitbucket REST browser for testing the request/response.(discontinued)