Skip to content
docs

Bitbucket Integration

Authorize Vygl on Bitbucket to discover repositories, register webhooks, and post pull-request comments. Works with both Bitbucket Cloud and self-hosted Bitbucket Server.

Install

Section titled “Install”

  1. Open Settings → Connections in Vygl.

  2. Click Connect Bitbucket. You’re redirected to Bitbucket’s OAuth authorization screen.

  3. Authorize. Approve the requested scopes — pullrequest:write plus standard repository read.

  4. Pick repositories. Bitbucket redirects back to Vygl. Select the repositories you want scanned and (optionally) configure branch filtering.

Webhooks register automatically. Pushes and pull requests trigger scans.

Scopes

Section titled “Scopes”
ScopeWhy
repository (read)Clone the repository for scanning
pullrequest:writePost comments on pull requests, set build status

OAuth tokens are refreshed transparently before expiry.

What happens on a push or PR

Section titled “What happens on a push or PR”
  1. Bitbucket fires a webhook for the push or PR event. Vygl verifies the signature.
  2. Vygl clones the repository at the new commit.
  3. Scan engines run server-side.
  4. Findings appear in the dashboard, deduplicated against history.
  5. For pull requests, Vygl posts (or updates) the summary comment and writes build status.

Bitbucket Server (self-hosted)

Section titled “Bitbucket Server (self-hosted)”

Bitbucket Server (formerly Stash) works through the same OAuth flow. The API base URL is read from the OAuth app configuration when the integration is set up.

Removing access

Section titled “Removing access”

Revoke from Bitbucket (Personal settings → App authorizations) at any time. Webhook events stop immediately. To stop showing the integration in Vygl, remove it from Settings → Connections.