Issue with Bitbucket OAuth Integration in ZITADEL
Hi ZITADEL Team,
I'm facing an issue while trying to integrate Bitbucket as an OAuth provider within ZITADEL.
š§ Setup Details:-
-OAuth Provider: Bitbucket (Cloud)
-OAuth Type: Generic OAuth / External IDP
-Redirect URI: Configured correctly as per Bitbucket and ZITADEL guidelines
-Client ID/Secret: Verified from Bitbucket.
After configuring Bitbucket as an external IDP in ZITADEL and initiating the OAuth flow:
The authorization request is sent successfully to Bitbucket.
Upon granting permission, Bitbucket redirects back to the callback URL with a valid authorization code.
However, the token exchange request fails, and no user is created or logged in via Bitbucket.
Observed Behavior:-
-ZITADEL does not complete the login flow.
-The logs (if any) are unclear or insufficient to debug.
-A 401 or token-related error occurs when trying to redeem the authorization code.
5 Replies
hey @Harshit thanks for your question, may I know what doc did you used to setup the idp?
As such no doc was available, but there was an option for configuring generic oauth in zitadel, so i asked the llm's about that, there i got the steps.
hey @Harshit what auth/token/user endpoint are you using from bit bucket?
what scopes are you passing?
I have a few too many questions š
try setting up the IDP via API https://zitadel.com/docs/apis/resources/mgmt/management-service-add-generic-o-auth-provider
auth endpoint:- https://bitbucket.org/site/oauth2/authorize
token endpoint:- https://bitbucket.org/site/oauth2/access_token
user endpoint:- https://api.bitbucket.org/2.0/user
scopes:- email, account
hey @Harshit have you enabled auto creation and auto linking in zitadel
we also have a doc on adding Linkedin as generic auth, maybe you can look into that and it may work for bitbucket
https://zitadel.com/docs/guides/integrate/identity-providers/linkedin-oauth