Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Upload SSH public key to bitbucket cloud using curl/REST and token

I have a bitbucket cloud account. Under: https://id.atlassian.com/manage/api-tokens I have generated an API Token which I am trying to use in a REST call to upload a public SSH key to my account. Based on:

https://docs.atlassian.com/bitbucket-server/rest/5.6.2/bitbucket-ssh-rest.html?utm_source=%2Fstatic%2Frest%2Fbitbucket-server%2F5.6.2%2Fbitbucket-ssh-rest.html&utm_medium=301#idm45427244388592

https://community.atlassian.com/t5/Answers-Developer-Questions/Bitbucket-REST-API-POST-using-token-instead-of-basic-auth/qaq-p/474823

I have tried:

curl -X POST -d '{"text":"ssh-rsa AAAAB3... [email protected]"}' -H "Authorization: Bearer ADasdaEeasAsd..." https://bitbucket.org/[my-account]]/rest/ssh/latest/keys

But when I run that I get:

{"type": "error", "error": {"message": "Access token expired. Use your refresh token to obtain a new access token."}}

I have tried to re-create the token and re-run the above command again - with the new token - but I get the same error.

Any suggestions?

Based on below answer and link I have now tried:

curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer wxdrtblabla..." \
-d '{"key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqP3Cr632C2dNhhgKVcon4ldUSAeKiku2yP9O9/bDtY [email protected]/myuser"}' \
https://api.bitbucket.org/2.0/users/myuser/ssh-keys

But I get the exact same error:

{"type": "error", "error": {"message": "Access token expired. Use your refresh token to obtain a new access token."}}

So still no luck. Also if I access:

https://api.bitbucket.org/2.0/users/[myuser]/ssh-keys

directly in a browser I get:

type    "error"
error   
message "This API is only accessible with the following authentication types: session, password, apppassword"

EDIT/ANSWERED: Based on the updated answer below I have no tried to create an app password and grant it account: read/write in bitbucket and it works. I run it with:

curl -v -u myuser:my-generated-app-password -X POST  \
-H "Content-Type: application/json" \
-d '{"key": "ssh-rsa AAA....ro"}' \
https://api.bitbucket.org/2.0/users/myuser/ssh-keys
like image 471
u123 Avatar asked Sep 28 '18 16:09

u123


People also ask

How do I add a public key to Bitbucket?

Add the public key to your repository From Bitbucket, go to the repository and click Repository settings. Click Access keys from the left menu. Press Add key. From the Add SSH key dialog, enter a Label and paste the public key from the clipboard.

How do I use API token in Bitbucket?

Go to Profile picture > Manage account > HTTP access tokens. Select Create token. Set the token name, permissions, and expiry.

How do I save my SSH key in Bitbucket?

From Bitbucket, click Add key. Enter a Label for your new key, for example, Default public key. Paste the copied public key into the SSH Key field. Click Save.

Where do I put SSH public key?

You need to be able to transfer your public key to the remote system. Therefore, you must either be able to log into the remote system with an established account username and password/passphrase, or have an administrator on the remote system add the public key to the ~/. ssh/authorized_keys file in your account.


1 Answers

You're looking at Bitbucket Server documentation but using Bitbucket Cloud. (The giveaways: the "bitbucket-server" part of the doc path, and the "bitbucket.org" in the path where you're pushing your key.)

Check out https://developer.atlassian.com/bitbucket/api/2/reference/resource/users/%7Busername%7D/ssh-keys#post instead - that's the Bitbucket Cloud documentation to do what you're trying to do. Your URL will be more like https://api.bitbucket.org/2.0/users/[your-account]/ssh-keys.

EDIT: The error you received indicates the problem: you either need to make that call from within an existing session (i.e. from the GUI), use your password, or use an app password. I'd recommend the app password, since it's scoped, meant to be disposable, and won't let you log onto the GUI. Your curl call then becomes something like curl -u myuser:myapppassword -X POST -H "Content-Type: application/json" -d '{"key": "key content goes here"}' https://api.bitbucket.org/2.0/users/myuser/ssh-keys.

like image 86
Jim Redmond Avatar answered Oct 03 '22 23:10

Jim Redmond