Setup guide for Bitbucket Web Authentication

Bitbucket WebAuthn app let's you use your device credentials (e.g Pin, Fingerprint, etc) for logging into Bitbucket Server and Datacenter application. Here we will go through a guide to configure WebAuthn for your Bitbucket application. By the end of this guide, users will be able to use local credentials for logging into the Bitbucket Server and Datacenter application.

Pre-requisites

  • Bitbucket should be installed and configured.
  • Admin credentials are set up in Bitbucket.
  • Valid Bitbucket Server and Data center Licence.
  • Windows Hello/Apples touch id should already be setup on your device.If not Click Here to learn how to setup Windows Hello on your device.

Download And Installation



  • Log into your Bitbucket instance as an admin.
  • Navigate to the settings menu and Click Manage Apps.
  • Click Find new apps or Find new add-ons from the left-hand side of the page.
  • Locate mO WebAuthn - Passwordless login for Bitbucket via search.
  • Click Try free to begin a new trial or Buy now to purchase a license for mO WebAuthn - Passwordless login for Bitbucket.
  • Enter your information and click Generate license when redirected to MyAtlassian.
  • Click Apply license.
    • SAML Single Sign On (SSO) into Bitbucket

Step 1: To configure MiniOrange WebAuthn Plugin

  • Navigate to WebAuthn Configuration tab & click on the Enable WebAuthn and click on Save.
    • Enable WebAuthn Configuration

Step 2: Working of WebAuthn Plugin

  1: When Platform Authenticator is not registered

  • On login page user will be asked to enter its username.
    • Login-form
  • As user has not registered its authenticator with the server it will be asked to enter its password so as verify user's authenticity.
    • inline_registratin_pwd
  • After successfull authentication of password windows pop-up will occure user to enter its system password (pin,figerprint, etc.)
    • chrome popup
  • Now that you have successfully registered your platform authenticator, you can use it for logging into your atlassian product.
    • chrome success popup

  2: When Platform Authenticator is registered

  • On login page user will be asked to enter its username.
    • Login-form
  • A browser pop-up will occure asking user to enter its platform credentials(pin,fingerprint,etc).
    • chrome success popup
  • On Successfull authentication user will be logged in.

Step 3: Features of MiniOrange WebAuthn Plugins

  1. Force WebAuthn

  • This feature basically lets Admin to control users login flow. By this feature Admin can decide whether user's can use Server's default login page or not. This feature is disabled by default.
    • Force WebAuthn
  • When Force WebAuthn is disabled users will see back-to-login-page link on login form.
    • back-to-login
  • Clicking on that link will redirect user to default login page which they can use for logging into the server.
    • default-login-form
  • When Force WebAuthn is enabled users wont have option to use back-to-login-page link, they can only use WebAuthn for logging in.
    • hide-back-to-login

  2. Backdoor URL

  • Users can use this URL for logging into server with default credentials in case of emergency.
    • Backdoor url

  3. User Management

  • User Management tab has the different functionality which will let admin manage WebAuthn for specific user's also.
  • This tab contains the list of all active users currently present on the server with diffent options for each of those users.
    • webauthn user management tab
  • Admin can reset particular user's configuration if user is facing some issues with its configuration.
  • Admin can Enable/Disable Webauthn for particular user by clicking on respective button, So that the user's for which WebAuthn is enabled can only be log into the server
    • enable-disable-webauthn
  • User's for which WebAuthn is disabled wont be able to login into the server.
    • disable-webauthn

  4. MiniOrange WebAuthn Configuration tab

    bitbucket webauthn configuration tab
  • Clicking on the tab will pop up a box where user's can manage their configurations
  • User's can register new authenticator by clicking on Register new credential, which will be used for logging into bitbucket.
  • User's can remove their previously configured authenticator by clicking on Clear previous credential, if they wish to do so.

    • bitbucket webauthn configuration popup


Our Other Apps: SAML SSO Apps | OAuth Apps | 2FA Apps | Crowd Apps | REST API Apps | Kerberos/NTLM Apps | User Sync Apps |
                             Bitbucket Git Authentication App | Jenkins SSO | SonarQube SSO

Free Trial

If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.