Rotate an access token for a workspace
Access tokens for a workspace are a premium feature. To learn about the Bitbucket Cloud Premium plan, visit: Bitbucket Cloud Premium.
Access tokens are a secure way to authenticate with Bitbucket Cloud's APIs, enabling a seamless integration with repositories, workflows, or automation tools like CI/CD systems. Expiration dates provide an essential layer of control by limiting how long a token remains valid, but token rotation enhances this by offering a practical way to refresh a token’s secret and expiration date without needing to recreate it or redefine its scopes.
To rotate an access token associated with a workspace:
At bitbucket.org, navigate to the workspace in which the access token was created.
Select the Settings cog on the top navigation bar.
Select Workspace settings from the Settings dropdown menu.
On the left sidebar, under Security, select Access tokens.
Find the access token you would like to rotate and select … (more options) in the Actions column to open the Actions dialog.
Select Rotate from the list of available actions.
Select the date picker and select an expiry date.
Select Rotate to create the new (rotated) access token.
Update any existing references to your access token to the new token.
The old token phases out quickly:
Expired tokens: Rotation generates a fresh, active secret; the old one remains invalid.
Tokens expiring in <=30 minutes: After rotation, the old token remains usable for any time remaining to help ease the transition to your newly rotated token.
Tokens with >30 minutes left: To provide you with a buffer to update your tools but also to ensure the old token expires in a timely manner, the old token’s lifespan is reduced to 30 minutes.
Was this helpful?