Bitbucket API authentication using curl (Postman)

Question

I've tried to figure out how to authenticate with Bitbucket API 2, but with no luck so far.

It should be possible to authenticate and get an access token using the following curl command:

$ curl -i -X POST -u "client_id:secret" https://bitbucket.org/site/oauth2/access_token -d grant_type=password -d username=<username> -d password=<password>

I'm pretty confident that the <username> and <password> parts should be replaced with my username and password from Bitbucket. However, the client_id:secret part is confusing me.

I've tried the following:

• hardcode the client_id:secret part ==> no luck.
• hardcode the client_id:secret part using the key and secret from the OAuth page in my Bitbucket settings page as this: <key>:<secret> ==> no luck.
• hardcode the client_id:secret part using the key and secret from the OAuth page in my Bitbucket settings page as this: <key>:<secret> (base64) encoded ==> no luck.

Questions:

• What am I doing wrong and how to fix it for the above curl command?
• If I'm going to try this in Postman as well, the -d parameters should be put into the Body section but where to put the -u (client_id:secret) part?

PS. I do NOT want to put any of the client_id/secret/username/password in the URL.

Answer 1

You can place your user and password on Postman under the Authorization tab. Select Type Basic Auth and set your username and password. Execute your request and if it works, see the CURL request on "Code" link. Postman will display the CURL request with the Basic Auth token generated with your user and password details too.