The Bitbucket OAuth/OpenID app enables OAuth/OpenID Single Sign-On (SSO) for Bitbucket. Bitbucket is compatible with all OAuth/OpenID providers. This guide walks through configuring SSO between Bitbucket and Azure AD. By the end of this guide, Azure AD users should be able to log in and register to Bitbucket.
To configure Azure AD integration with Bitbucket OAuth / OpenID Connect SSO, you need the following items:
- Bitbucket should be installed and configured (supported version Bitbucket Server 5.5.0 - 6.10.1, Bitbucket Data Center 5.5.0 - 6.10.1).
- Admin credentials are set up in Bitbucket.
- Valid Bitbucket Server and Data Center license.
Download And Installation
- Log into your Bitbucket instance as an admin.
- Navigate to the settings menu and click Manage Apps.
- Click Find new apps or Find new add-ons from the left-hand side of the page.
- Locate Bitbucket OAuth / OpenID Connect Single Sign On (SSO), Bitbucket SSO via search.
- Click Try free to begin a new trial or Buy now to purchase a license for Bitbucket OAuth / OpenID Connect Single Sign On (SSO), Bitbucket SSO.
- Enter your information and click Generate license when redirected to MyAtlassian.
- Click Apply license.
Step 1: Set up Azure Active Directory as OAuth Provider
- Sign in to Azure portal.
- Click on App Services and go to Manage Azure Active Directory.
- In the left-hand navigation pane, click the App registrations service, and click New registration.
- When the Create page appears, enter your application's registration information:
Name : Name of your application.
Application type :
- Select "Native" for client applications that are installed locally on a device. This setting is used for OAuth public native clients.
- Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
Sign-on URL :
- For "Web app / API" applications, provide the base URL of your app.
might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
- For "Native" applications, provide the URI used by Azure AD to return token responses. Enter a value specific to your application.
- When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy the Application ID and the Directory ID; these will be your Client ID and Tenant ID.
- Go to Certificates and Secrets in the left navigation pane and click New Client Secret. Enter a description and expiration time, then click Add.
- Copy the value. This will be your Secret key.
- Enter the application home page URL as the logout URL (Settings -> Properties -> Logout URL).
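A pre-flight check for the values collected in Step 1, as an added example (not part of the original guide or the app's own code): it confirms the Application ID and Directory ID are GUIDs, flags a secret that looks like the portal's Secret ID rather than its Value, warns when the secret is close to expiry, and derives the tenant's Azure AD v2.0 endpoints. The function names are hypothetical, and the GUIDs, secret and redirect URI are constructed placeholders.

```python
import re
import secrets
from datetime import date
from urllib.parse import urlencode, urlparse

GUID = re.compile(r"^[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}$", re.I)
LOGIN = "https://login.microsoftonline.com"

def azure_endpoints(tenant_id):
    """Azure AD v2.0 OAuth endpoints for one tenant (the Directory ID)."""
    base = f"{LOGIN}/{tenant_id}/oauth2/v2.0"
    return {"authorize": f"{base}/authorize", "token": f"{base}/token"}

def check_settings(client_id, tenant_id, secret, redirect_uri, secret_expires, today=None):
    """Return a list of problems in the values copied from the Azure portal."""
    today = today or date.today()
    problems = []
    if not GUID.match(client_id):
        problems.append("Client ID is not a GUID; copy the Application ID")
    if not GUID.match(tenant_id):
        problems.append("Tenant ID is not a GUID; copy the Directory ID")
    if GUID.match(secret):  # heuristic: the Secret ID column is a GUID, the Value is not
        problems.append("Secret looks like the Secret ID; copy the Value instead")
    url = urlparse(redirect_uri)
    if url.scheme != "https" and url.hostname not in ("localhost", "127.0.0.1"):
        problems.append("Redirect URI should use https unless it is a local test instance")
    days_left = (secret_expires - today).days
    if days_left < 30:
        problems.append(f"Client secret expires in {days_left} days; rotate it")
    return problems

def authorize_url(client_id, tenant_id, redirect_uri, state=None):
    """Build the authorization-code request; state ties the response to this session."""
    state = state or secrets.token_urlsafe(16)
    query = urlencode({"client_id": client_id, "response_type": "code",
                       "redirect_uri": redirect_uri,
                       "scope": "openid profile email", "state": state})
    return f"{azure_endpoints(tenant_id)['authorize']}?{query}", state

if __name__ == "__main__":
    # Constructed sample values, not real credentials or a real callback path.
    cid = "11111111-1111-1111-1111-111111111111"
    tid = "22222222-2222-2222-2222-222222222222"
    redirect = "https://bitbucket.example.com/callback"
    print(check_settings(cid, tid, "constructed-secret-value", redirect, date(2099, 1, 1)))
    print(authorize_url(cid, tid, redirect)[0])
```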