Use Bitbucket as your Authentication Provider

This guide will walk you through the steps necessary to configure Bitbucket as the authentication provider for Okteto.

Please refer to Bitbucket's official documentation on how to create an OAuth Consumer for more information.

Prerequisites

• A working installation of Okteto
• Helm 3.0+ installed in your local machine
• Access to a Bitbucket account with permissions to create an OAuth Consumer

Create the OAuth Consumer

When creating the OAuth Consumer, you will need to provide the following values:

Callback URL:

https://okteto.DOMAIN/auth/callback

URL:

https://okteto.DOMAIN

Permissions: Account: Email Account: Read

Copy the OAuth Consumer Key and OAuth Consumer Secret values. You'll need them to configure Okteto.

Configure Okteto

Once you have the Bitbucket OAuth Consumer ready, update the auth section of your Helm configuration file with the following values:

config.yaml

auth:
  bitbucket:
    enabled: true
    clientId: "REPLACE_ME_WITH_YOUR_OAUTH_CONSUMER_KEY"
    clientSecret: "REPLACE_ME_WITH_YOUR_OAUTH_CONSUMER_SECRET"
    workspace: "REPLACE_ME_WITH_YOUR_BITBUCKET_WORKSPACE"

You can also use a secret to store the sensitive part of these credentials.

Upgrade your Okteto instance for the new configuration to be applied. We recommend that you upgrade to the same version that you already have to minimize the changes and help you troubleshoot any issues.

The workspace field is optional. Only members of the workspace will be allowed to login into Okteto. An empty workspace field permits any user to log in.