# Bitbucket Integration

Bitbucket is a cloud-based version control system used to host and manage source code repositories.

When you integrate Bitbucket with Sprinto, Sprinto:

* Syncs repository and workspace configurations
* Monitors change management settings
* Enables access review workflows
* Automates mapped controls and checks

The integration uses **OAuth** authentication.

#### Available Sprinto checks for Bitbucket

Following are the available Sprinto checks for Bitbucket:

<table><thead><tr><th width="538.28125">Sprinto check</th><th>Reference procedure</th></tr></thead><tbody><tr><td>Bitbucket user should have MFA enabled</td><td><a href="../../monitors/authentication-and-access-monitors/enabling-bitbucket-mfa">How to fix</a></td></tr><tr><td>Merging of code changes should require passing status-checks</td><td><a href="../../monitors/code-and-repository-monitors">How to fix</a></td></tr><tr><td>Peer review should be enforced for code changes</td><td><a href="../../monitors/code-and-repository-monitors/pr-reviewer-is-different-from-author">How to fix</a></td></tr><tr><td>Branch Protection rules should be enforced for admins</td><td><a href="../../monitors/code-and-repository-monitors/how-to-resolve-sprinto-check-for-enabling-branch-protection-rules">How to fix</a></td></tr><tr><td>Code changes should be reviewed by peers before merging</td><td><a href="../../monitors/code-and-repository-monitors/how-to-resolve-sprinto-check-for-enabling-branch-protection-rules">How to fix</a></td></tr><tr><td>Code repo should be classified</td><td><a href="../../monitors/code-and-repository-monitors">How to fix</a></td></tr><tr><td>Critical system access should be removed for offboarded users</td><td><a href="../../monitors/authentication-and-access-monitors/resolve-sprinto-check-for-removing-access-for-offboarded-users">How to fix</a></td></tr></tbody></table>

### What Sprinto Monitors

After integration, Sprinto can automate controls and checks related to:

* Version control
* Peer review enforcement
* Branch protection rules
* Pull request controls
* Critical system access reviews
* Offboarding checks

Sprinto activates applicable checks based on your Bitbucket configuration.

***

### Before You Begin

Ensure:

* You have **Admin access** to the Bitbucket account you are integrating.
* Pop-ups are enabled in your browser.
* You are logged in as a Sprinto Admin.
* Understand the permissions required for BitBucket [here](https://docs.sprinto.com/data-library/understand-sprinto-permissions-and-resource-access#bitbucket).

***

## Integrate Bitbucket with Sprinto

### Step 1: Navigate to Bitbucket Integration

1. Log in to the Sprinto dashboard.
2. Go to **Settings**.
3. Select **Integrations**.
4. Under the **All** tab, search for **Bitbucket**.
5. Click **Connect** next to Bitbucket.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FgDemPkurGGBmMrRHGprX%2FScreenshot%202026-02-26%20at%2012.39.21.png?alt=media&#x26;token=912e7cdb-91e5-46a6-9b8e-272d3e77cfce" alt="" width="563"><figcaption></figcaption></figure>

***

### Step 2: Review Permissions and Data Usage

A drawer opens displaying:

* Controls and checks automated
* Permissions required
* Data accessed by Sprinto

#### Permissions required

Sprinto requests the following permissions:

* **Team** – Read-only
* **Pull request** – Read-only
* **Repository** – Read-only
* **Repository (Admin)** – Required to administer repositories

#### Data used by Sprinto

Sprinto may access:

* Workspace IDs and names
* Pull requests
* Repository settings
* Group names
* Repository branches
* Dependency vulnerability reports

Review the details and click **Next**.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FvxSzW2yOzb5CWASa6ZSY%2FScreenshot%202026-02-26%20at%2012.44.25.png?alt=media&#x26;token=70acafb7-ba17-4fdb-83bf-f94d36755712" alt="" width="375"><figcaption></figcaption></figure>

***

### Step 3: Authorise via OAuth

You will see the **Setup Bitbucket Integration** drawer:

* **Connection type:** OAuth
* **Prerequisite:** Admin access to your Bitbucket account

Click **Connect**.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FCaBU0hNNp0S61sxgYkwO%2FScreenshot%202026-02-26%20at%2012.44.46.png?alt=media&#x26;token=642d6869-f19f-4a18-9ba4-1ebbecef1ed6" alt="" width="375"><figcaption></figcaption></figure>

You are redirected to the Bitbucket login page.

***

### Step 4: Log in to Bitbucket

1. Enter your email and click **Continue**,\
   or log in using SSO (Google, Microsoft, Apple, Slack).

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2Fc6dL5aVbtCnZieEU1c48%2Fbitbuck1.png?alt=media&#x26;token=1a683383-ab29-4707-bc83-63453eb813f8" alt="" width="375"><figcaption></figcaption></figure>

2. Review the access request screen.
3. Click **Grant access** to authorise Sprinto.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FcdobYpmjRo82hX6Kmknf%2Fbitbuck2.png?alt=media&#x26;token=b9420e2c-9435-47ae-aa75-e9d3383cd69f" alt="" width="563"><figcaption></figcaption></figure>

Once authorisation is successful, you are redirected back to Sprinto.

The integration is now complete.

***

## Post-Connection Flow

After Bitbucket is successfully connected, configure it based on your use case.

***

## Configure Bitbucket as a Change Management System

Use this if Bitbucket is your change management tool.

#### Steps

1. Go to **Data Library** → **Change management**.
2. Click **Add system**.
3. Select **Bitbucket**.
4. Review the workspaces to be monitored.
5. If required, click **Add another workspace**.
6. Click **Add as a change management system**.

Sprinto will now monitor:

* Product code repositories
* Branch protection enforcement
* Peer-reviewed code changes

***

## Configure Bitbucket as a Critical Access System

Use this if Bitbucket access must be reviewed periodically.

#### Steps

1. Go to **Data Library** → **Access**.
2. Click **Add a critical system**.
3. Select **Bitbucket** and click **Add System**.
4. Open Bitbucket from the Access Overview page.
5. Click **Configure now** under the Summary tab.

#### Configure Access Validity

1. Click **Configure** next to **Access validity**.
2. Choose one of the following:
   * All users
   * Role-based
   * Ticket-based

#### Assign a Critical System Owner (Optional)

You can assign a critical system owner other than the default assignee for work delegation.

Contact Sprinto Support if your current plan does not support custom owner assignment.

***

### Data Sync and Check Computation

Once configured:

* Sprinto starts syncing Bitbucket data.
* Sprinto computes applicable controls and checks.
* Status updates appear in the Bitbucket system page.

Wait for the initial sync to complete before reviewing control results.

***

## Troubleshooting

### Bitbucket login window does not open

**Possible cause:** Browser pop-ups are blocked.

**Resolution:**

* Enable pop-ups for the Sprinto application in your browser.
* Retry the integration from **Settings → Integrations → Bitbucket**.

***

### “Insufficient permissions” error during connection

**Possible cause:** You do not have Admin access to the Bitbucket workspace.

**Resolution:**

* Ensure you are logged in as a **Workspace Admin** in Bitbucket.
* Ask your Bitbucket administrator to grant you admin access.
* Retry the integration.

***

### “Grant access” button does not complete authorisation

**Possible causes:**

* Session timeout
* Network interruption
* Revoked or restricted permissions

**Resolution:**

1. Log out of Bitbucket.
2. Log back in and restart the integration process.
3. Ensure you click **Grant access** on the Bitbucket authorisation screen.
4. Confirm that the required repository admin permissions are enabled.

***

### Bitbucket does not appear under Change Management or Access

**Possible cause:** Integration was not completed successfully.

**Resolution:**

* Go to **Settings → Integrations** and verify Bitbucket shows as connected.
* If not connected, repeat the integration steps.
* If already connected, refresh the page and try again.

***

### Workspaces are missing after integration

**Possible cause:** The connected account does not have access to all workspaces.

**Resolution:**

* Verify that the Bitbucket account used during OAuth has access to the required workspaces.
* Ensure the account has appropriate workspace-level permissions.
* Reconnect Bitbucket if permissions were updated after initial integration.

***

### Controls are not computed after integration

**Possible cause:** Initial data sync is still in progress.

**Resolution:**

* Wait for the first sync cycle to complete.
* Refresh the Bitbucket system page.
* Check the status under **Data Library → Change mgmt** or **Access**.

If checks are still not computed after sync completion, contact Sprinto Support.

***

### Need Further Assistance?

If the issue persists:

* Disconnect Bitbucket from **Settings → Integrations**.
* Reconnect using an Admin account.
* Contact Sprinto Support with:
  * Workspace name
  * Error message (if any)
  * Screenshot of the failure screen

Once the Bitbucket account is configured, Sprinto starts the data syncing process and computes the Sprinto checks. Wait until Sprinto completes the data syncing.

Contact [Sprinto support](mailto:www.support@sprinto.com) if you have any queries related to the integration or need any assistance.