Bitbucket Integration
CodeStax integrates with Bitbucket Cloud for repository scanning, PR reviews, and automated security checks.
Connecting Bitbucket
During Signup
Click Continue with Bitbucket on the signup page. This authorizes CodeStax and connects your Bitbucket account automatically.
After Signup
- Go to Settings on the dashboard
- Click Connect Bitbucket
- Authorize CodeStax in the Bitbucket OAuth consent screen
Permissions
CodeStax requests the following Bitbucket scopes:
| Scope | Purpose |
|---|---|
account | Read your Bitbucket profile |
repository | Read repository contents for scanning |
email | Access your email for notifications |
Features
Repository Import
Import repositories from any Bitbucket workspace you have access to. CodeStax shows all available repositories with search and multi-select.
PR Reviews
Bitbucket webhook integration triggers automatic security reviews on pull requests:
- Analyzes diff for vulnerabilities
- Assigns risk score
- Records findings
Token Refresh
Bitbucket OAuth tokens expire regularly. CodeStax automatically refreshes tokens using the OAuth2 refresh_token flow, so your scans and reviews continue working without manual intervention.
Supported Bitbucket Features
| Feature | Status |
|---|---|
| Repository import | Supported |
| Private repo scanning | Supported |
| PR reviews | Supported |
| Auto-scan on push | Supported |
| Webhook integration | Supported |
| Bitbucket Server (self-hosted) | Coming soon |