This is the reference document for the Atlassian Bitbucket REST API. The REST API is for developers who want to:
Because the REST API is based on open standards, you can use any web development language or command line tool capable of generating an HTTP request to access the API. See the developer documentation for a basic usage example.
If you're already working with the Atlassian SDK, the REST API Browser is a great tool for exploring and experimenting with the Bitbucket REST API.
Bitbucket's REST APIs provide access to resources (data entities) via URI paths. To use a REST API, your application will make an HTTP request and parse the response. The Bitbucket REST API uses JSON as its communication format, and the standard HTTP methods like GET, PUT, POST and DELETE. URIs for Bitbucket's REST API resource have the following structure:
http://host:port/context/rest/api-name/api-version/path/to/resource
For example, the following URI would retrieve a page of the latest commits to the jira repository in the JIRA project on https://stash.atlassian.com.
https://stash.atlassian.com/rest/api/1.0/projects/JIRA/repos/jira/commits
See the API descriptions below for a full list of available resources.
Alternatively we also publish a list of resources in WADL format. It is available here.
Bitbucket uses paging to conserve server resources and limit response size for resources that return potentially large
collections of items. A request to a paged API will result in a values
array wrapped in a JSON object
with some paging metadata, like this:
{ "size": 3, "limit": 3, "isLastPage": false, "values": [ { /* result 0 */ }, { /* result 1 */ }, { /* result 2 */ } ], "start": 0, "filter": null, "nextPageStart": 3 }
Clients can use the limit
and start
query parameters to retrieve the desired number of
results.
The limit
parameter indicates how many results to return per page. Most APIs default to returning
25
if the limit is left unspecified. This number can be increased, but note that a resource-specific
hard limit will apply. These hard limits can be configured by server administrators, so it's always best practice to
check the limit
attribute on the response to see what limit has been applied.
The request to get a larger page should look like this:
http://host:port/context/rest/api-name/api-version/path/to/resource?limit={desired size of page}
For example:
https://stash.atlassian.com/rest/api/1.0/projects/JIRA/repos/jira/commits?limit=1000
The start
parameter indicates which item should be used as the first item in the page of results. All
paged responses contain an isLastPage
attribute indicating whether another page of items exists.
Important: If more than one page exists (i.e. the response contains
"isLastPage": false
), the response object will also contain a nextPageStart
attribute
which must be used by the client as the start
parameter on the next request.
Identifiers of adjacent objects in a page may not be contiguous, so the start of the next page is not
necessarily the start of the last page plus the last page's size. A client should always use
nextPageStart
to avoid unexpected results from a paged API.
The request to get a subsequent page should look like this:
http://host:port/context/rest/api-name/api-version/path/to/resource?start={nextPageStart from previous response}
For example:
https://stash.atlassian.com/rest/api/1.0/projects/JIRA/repos/jira/commits?start=25
Any authentication that works against Bitbucket will work against the REST API. The preferred authentication methods are HTTP Basic (when using SSL) and OAuth. Other supported methods include: HTTP Cookies and Trusted Applications.
You can find OAuth code samples in several programming languages at bitbucket.org/atlassian_tutorial/atlassian-oauth-examples.
The log-in page uses cookie-based authentication, so if you are using Bitbucket in a browser you can call REST from JavaScript on the page and rely on the authentication that the browser has established.
If a request fails due to client error, the resource will return an HTTP response code in the 40x range. These can be broadly categorised into:
HTTP Code | Description |
---|---|
400 (Bad Request) |
One or more of the required parameters or attributes:
|
401 (Unauthorized) |
Either:
|
403 (Forbidden) | Actions are usually "forbidden" if they involve breaching the licensed user limit of the server, or degrading the authenticated user's permission level. See the individual resource documentation for more details. |
404 (Not Found) | The entity you are attempting to access, or the project or repository containing it, does not exist. |
405 (Method Not Allowed) | The request HTTP method is not appropriate for the targeted resource. For example an HTTP GET to a resource that only accepts an HTTP POST will result in a 405. |
409 (Conflict) |
The attempted update failed due to some conflict with an existing resource. For example:
|
415 (Unsupported Media Type) |
The request entity has a Content-Type that the server does not support. Almost all of the
Bitbucket REST API accepts application/json format, but check the individual resource
documentation for more details. Additionally, double-check that you are setting the
Content-Type header correctly on your request (e.g. using
-H "Content-Type: application/json" in cURL).
|
For 400 HTTP codes the response will typically contain one or more validation error messages, for example:
{ "errors": [ { "context": "name", "message": "The name should be between 1 and 255 characters.", "exceptionName": null }, { "context": "email", "message": "The email should be a valid email address.", "exceptionName": null } ] }
The context
attribute indicates which parameter or request entity attribute failed validation. Note
that the context
may be null.
For 401, 403, 404 and 409 HTTP codes, the response will contain one or more descriptive error messages:
{ "errors": [ { "context": null, "message": "A detailed error message.", "exceptionName": null } ] }
A 500 (Server Error) HTTP code indicates an incorrect resource url or an unexpected server error. Double-check the URL you are trying to access, then report the issue to your server administrator or Atlassian Support if problems persist.
Bitbucket allows users to manage their own repositories, called personal repositories. These are repositories associated with the user and to which they always have REPO_ADMIN permission.
Accessing personal repositories via REST is achieved through the normal project-centric REST URLs using the user's slug prefixed by tilde as the project key. E.g. to list personal repositories for a user with slug "johnsmith" you would make a GET to:
http://example.com/rest/api/1.0/projects/~johnsmith/repos
In addition to this, Bitbucket allows access to these repositories through an alternate set of user-centric REST URLs beginning with:
http://example.com/rest/api/1.0/users/~{userSlug}/reposE.g. to list the forks of the repository with slug "nodejs" in the personal project of user with slug "johnsmith" using the regular REST URL you would make a GET to:
http://example.com/rest/api/1.0/projects/~johnsmith/repos/nodejs/forksUsing the alternate URL, you would make a GET to:
http://example.com/rest/api/1.0/users/johnsmith/repos/nodejs/forks
Provides categorization, creation and workflow support for branches
Creates a branch in the specified repository.
The authenticated user must have an effective REPO_WRITE permission to call this resource. If branch permissions are set up in the repository, the authenticated user must also have access to the branch name that is to be created.
Example request representations:
{"name":"feature/my-feature-branch","startPoint":"refs/heads/master"}
Example response representations:
{"id":"refs/heads/master","displayId":"master","type":"BRANCH","latestCommit":"8d51122def5632836d1cb1026e879069e10a1e13","latestChangeset":"8d51122def5632836d1cb1026e879069e10a1e13","isDefault":true}
a JSON representation of the newly created branch
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
the branch was not created because the request was invalid, e.g. the provided ref name already existed in the repository, or was not a valid ref name in the repository
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
The currently authenticated user has insufficient permissions to create a branch. This could be due to insufficient repository permissions, or lack of branch permission for the provided ref name
Deletes a branch in the specified repository.
If the branch does not exist, this operation will not raise an error. In other words after calling this resource and receiving a 204 response the branch provided in the request is guaranteed to not exist in the specified repository any more, regardless of its existence beforehand.
The optional 'endPoint' parameter of the request may contain a commit ID that the provided ref name is expected to point to. Should the ref point to a different commit ID, a 400 response will be returned with appropriate error details.
The authenticated user must have an effective REPO_WRITE permission to call this resource. If branch permissions are set up in the repository, the authenticated user must also have access to the branch name that is to be deleted.
Example request representations:
{"name":"refs/heads/my-branch","dryRun":false}
Example response representations:
an empty response indicating that the branch no longer exists in the repository
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
the branch was not deleted because the request was invalid, e.g. no ref name to delete was provided, or the provided ref name points to the default branch in the repository that cannot be deleted
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
The currently authenticated user has insufficient permissions to delete a branch. This could be due to insufficient repository permissions, or lack of branch permission for the provided ref name.
parameter | value | description |
---|---|---|
commitId | full SHA1 of the commit (ex: |
Gets the branch information associated with a single commit from a given repository.
Example response representations:
{"size":2,"limit":25,"isLastPage":true,"values":[{"id":"refs/heads/branch-a","displayId":"branch-a","type":"BRANCH"},{"id":"refs/heads/branch-b","displayId":"branch-b","type":"BRANCH"}],"start":0}
a page of branch refs associated with the commit
The request has timed out processing the branch request
Get the effective Branch Model associated with the repository.
The authenticated user must have the REPO_READ (or higher) permission for the specified repository to call this resource.
Example response representations:
{"development":{"id":"refs/heads/master","displayId":"master","type":"BRANCH","latestCommit":"8d51122def5632836d1cb1026e879069e10a1e13","latestChangeset":"8d51122def5632836d1cb1026e879069e10a1e13","isDefault":true},"production":{"id":"refs/heads/master","displayId":"master","type":"BRANCH","latestCommit":"8d51122def5632836d1cb1026e879069e10a1e13","latestChangeset":"8d51122def5632836d1cb1026e879069e10a1e13","isDefault":true},"types":[{"id":"BUGFIX","displayName":"Bugfix","prefix":"bugfix/"},{"id":"FEATURE","displayName":"Feature","prefix":"feature/"}]}
The branch model associated with the specified repository.
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
The currently authenticated user does not have sufficient permission (REPO_READ) to query the branch model of the repository.
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
The specified repository does not exist, or the branch model is not defined for the specified repository
{"errors":[{"context":null,"message":"A detailed error message.","exceptionName":null}]}
The specified repository is empty - the branch model cannot be constructed