Arnica Documentation
  • Introduction
  • Getting Started
    • 🔑Sign Up
    • ▶️SCM Integrations
      • Azure DevOps
      • Bitbucket Cloud
      • Bitbucket Server & Datacenter
      • Github
        • GitHub Audit Logs
        • Github App Permissions
      • Gitlab
    • 📤ChatOps
      • Microsoft Teams
      • Slack
        • Adding Arnica to a New Channel
        • Interacting With the Arnica Slackbot
    • 🎫Ticket Management
      • 🐛Jira Integration
      • 📋ADO Boards Integration
    • 🧠Artificial Intelligence
      • Azure OpenAI
      • OpenAI ChatGPT
    • 🏨On Premise Integrations
  • Inventory
    • 💼Identities, Repositories & Organizations
    • 📇Software Bill of Materials (SBOM)
    • 🦄Prioritization & Product Ownership
  • Hardcoded Secrets
    • 🕵️Secret Detection
    • ⏪Realtime Secret Mitigation
    • 🥕Secrets Policy Settings
  • Code Risks
    • 🎼Static Application Security Testing (SAST)
      • Custom SAST Rules
    • 🧩Software Composition Analysis (SCA)
    • 🔡3rd Party Package Licenses
      • Override License Classifications
    • 🤹3rd Party Package Reputation
      • Identifying Low Rep Packages
      • How to Find Alternative Packages
    • ⛅Infrastructure as Code Security (IaC)
    • 🤖Code Risk Policy Settings
      • Developer Feedback On Push
      • Require Review Before Dismissal
      • 0 New High Severity Vulnerabilities
      • Enforce Remediation SLA
    • 🪄Code Risk Magic Links
    • 📦Code Risk Language and Framework Support
  • Platform Operations
    • 🚪Joining an Existing Org
    • ❌Deleting a Tenant
    • 🫂How do I invite members to my tenant?
      • New User Invitations
    • 👥Users & Roles
    • 🔇Deleting Integrations
    • ⌛Scheduled Jobs
      • How often do Jobs run?
    • 💸Billing
  • Security
    • 🎮Role Based Access Control (RBAC)
    • 🛡️Data Handling
    • 🏛️SSO Integration
      • Okta Integration
      • Entra ID Integration
Powered by GitBook
On this page
  • Overview
  • Integrating with Bitbucket Server / Bitbucket Data Center
  • Allowing users to specify custom expiry settings
  • Creating an HTTP access token
  • Adding a Bitbucket Server / Data Center integration

Was this helpful?

  1. Getting Started
  2. SCM Integrations

Bitbucket Server & Datacenter

PreviousBitbucket CloudNextGithub

Last updated 7 months ago

Was this helpful?

Overview

Arnica Integrates directly with Bitbucket Sever to help secure the development environment while identifying risks in real time - alerting your team and assisting with remediation actions. Arnica's integration is configurable allowing org-level provisioning or access to specified projects to extract the and take remediation actions.

Integrating with Bitbucket Server / Bitbucket Data Center

Allowing users to specify custom expiry settings

To ensure continuous connection to your Bitbucket Server / Data Center, we recommend you create a token without an automatic expiration date. Bitbucket Server / Data Center may be configured to enforce all tokens to expire after no longer than 1 year. To allow customizing it, follow these steps:

  1. Go to Administration

  2. Go to SYSTEM -> Keys and Tokens

  3. Select No for automatic expiry.

Creating an HTTP access token

  1. Click on your profile picture on the right

  2. Select Manage Account

  3. Under HTTP access tokens, select Create token.

  4. For the best compatibility, select Project Admin, this will allow Arnica to help you follow security best practices and keep your Bitbucket service protected on an ongoing basis including the ability to have one click mitigations.

  5. For Expiry, in order to avoid service disruption, select Do not expire, or set an expiry date and set a reminder to your team to update the Arnica integration details 2 weeks before expiration.

  6. Copy the token and store in a safe place (e.g., a password manager, secrets vault, HSM)

Adding a Bitbucket Server / Data Center integration

  1. Click CONNECT next to Bitbucket Server / Data Center

  1. Fill in the details of your integration.

    • Name – enter a short unique name to help you identify this sever.

    • Bitbucket Server URL – the full URL of your server.

    • PAT: the HTTP Access Token you generated on step 9 above.

  1. Click CREATE

▶️
necessary data