Skip to main content
  • An Enkryptify workspace with admin access
  • A Bitbucket account with admin permissions on the target workspace and repository
  • Bitbucket Pipelines enabled on the target repository
When connecting Enkryptify to Bitbucket via OAuth, we request only the permissions required to manage pipeline variables on your selected repository:
  • OAuth scopes:
    • pipeline:variable: read and write pipeline variables (repository-level and deployment environment-level)
    • repository: read-only access to list workspaces and repositories
    • account: read account information for workspace listing
Enkryptify does not access your repository source code. The OAuth token is used solely for API calls to manage pipeline variables.

Steps to complete

1

Create a new sync

  • Go to the Syncs tab of your project and click on Bitbucket.
2

Authorize with Bitbucket

  • You’ll be redirected to Bitbucket to authorize the Enkryptify OAuth consumer.
  • Grant access to the requested permissions.
3

Select your Bitbucket repository

  • All repositories across your Bitbucket workspaces will be listed.
  • Select the target repository for syncing pipeline variables.
4

Choose sync target and map environments

  • Bitbucket target: choose where variables are synced to:
    • Repository Pipeline Variables: available to all pipeline runs in the repository.
    • Deployment environment: scoped to a specific deployment environment (e.g., staging, production). Only available if you have deployment environments configured in Bitbucket.
  • Enkryptify environment: select which Enkryptify environment to sync secrets from.
  • Example: Enkryptify production environment synced to Bitbucket Production deployment environment.