I am new to the Bitbucket API and Oauth in general. I have been reading the Bitbucket docs and https://tools.ietf.org/html/rfc6749 to take in as much as I can. I'm still a little confused and running into a problem so I want to make sure my workflow is correct. Here is how I am attempting authorization:
Is this flow correct? And if it is I get a code 400 bad request error when I make request number 2. I also thought maybe the value for csrftoken in the first request was the token I needed to make requests and added a header value of "Authorization": "Bearer csrftokenValue" but that wasn't working either. I know I am probably missing something obvious but in my limited experience I'm not sure what it is. Please let me know the appropriate workflow and let me know if there is anything missing.
Community moderators have prevented the ability to post new answers.
You must first redirect your user's browser to the URL at step 1. The browser will get a redirect response after the user's authorization and should redirect to the page specified in the Location header. You will get an authorization code as request parameter code
at the location. Your application then perform step 2 with the authorization code. The point is step 1 is performed by your user's browser and step 2 by your application. The cookie is not relevant to the OAuth procedure itself. If you are implementing OAuth authorization yourself, I would advise the use of any existing OAuth library instead.
I'm building an app where when certain exceptions occur I want to automagically have a ticket created and the users of the app are not required to have a bitbucket account. Is there a way I can do it without any user interaction?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I though the Bitbucket issue tracker can be configured to accept guest submission. Is it acceptable? Or You might be able to use OAuth 2.0 Client Credentials Grant https://tools.ietf.org/html/rfc6749#section-4.4 that doesn't require user authorization, but Bitbucket might not support that grant type.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.