Jenkins - How to enable bearer tokens for SCM access

We’re operating with Jenkins version 2.401.2 and facing a requirement to integrate the -c http.extraHeader='Authorization: Bearer token' command due to a shift in authentication protocols on our Bitbucket server, which has deprecated basic authentication in favor of personal access tokens (PATs).

We need a solution that allows us to use PATs without defaulting to the simple username and password method, which isn’t viable because of our server’s restrictions. Ideally, we’re looking for a native GUI-based solution in Jenkins that would enable us to add this header seamlessly to our Git operations, without the need for custom scripting or creating specialized stages within our pipeline.

We cannot use ssh too

Hello @alfador1 and welcome to this community. :wave:

You might consider using the Bitbucket OAuth Plugin.

This plugin allows Jenkins to authenticate itself to Bitbucket using OAuth, which is a more secure method than basic authentication.

There are two open requests to add bearer token support, one for the git client plugin and one for the git plugin.

Since your company has selected bearer tokens as their preferred authentication method and won’t allow you to represent them in Jenkins as username / password pairs, I think that you should invite them to contribute pull requests to implement bearer token support in the Jenkins git plugins. That would meet the needs of your company and your company would have the benefit of others helping to test the solution they created.

If your company is unwilling or unable to create the pull requests to implement bearer token support in the git client plugin and the git plugin, then you could choose instead to take direct control of command line git in your Pipelines, using the withCredentials step to provide credentials to your shell calls to command line git.