Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
8
-
Description
Problem
Users should be unable to generate their own personal access tokens if this feature mismatches with security policies of their organization. For instance if all users are supposed to perform any action by entering their username/password. An ability to toggle between enabling and disabling Generation of personal access tokens is required.
Workaround
Personal token creation could be disabled by setting plugin.bitbucket-access-tokens.max.tokens.per.user to 0 in the bitbucket.properties configuration file for the server.