SaaS Security
Onboard a Bitbucket App to SSPM
Table of Contents
Onboard a Bitbucket App to SSPM
Connect a Bitbucket instance to SSPM to detect posture
risks.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Data Security license:
|
For SSPM to detect posture risks in your Bitbucket instance, you must onboard your Bitbucket
instance to SSPM. Through the onboarding process, SSPM connects to a Bitbucket API
and, through the API, scans your Bitbucket instance for misconfigured settings. If
there are misconfigured settings, SSPM suggests a remediation action based on best
practices.
To onboard your Bitbucket instance, you complete the following actions:
Identify the Administrator Account for Granting SSPM Access
During the onboarding process, SSPM will redirect you to log in to Bitbucket. After you log in,
Bitbucket will prompt you to grant SSPM the access it needs to your Bitbucket
instance.
- Verify that your account has administrator permissions.Sign out of all Bitbucket accounts.Signing out of all Bitbucket accounts helps ensure that you sign in under the correct account during the onboarding process. Some browsers can automatically sign you in by using saved credentials. To ensure that the browser does not automatically sign you in to the wrong account, you can turn off any automatic sign-in option or clear your saved credentials. Alternatively, you can prevent the browser from using saved credentials by opening the Cloud Management Console in an incognito window.
Connect SSPM to Your Bitbucket Instance
By adding a Bitbucket app in SSPM, you enable SSPM to connect to your Bitbucket instance. You must consent to specific permissions when adding the Bitbucket app.- From the Add Application Page (), click the Bitbucket tile.Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.SSPM redirects you to the Bitbucket login page.Enter the credentials for the administrator account that you identified earlier, and log in to Bitbucket.Bitbucket displays a consent form that details the access permissions that SSPM requires.Review the consent form and allow access.
