Issue Summary

One of our customers would like to integrate Bitbucket with Jenkins. For the official Atlassian Jenkins plugin, they do need a personal access token. Their company policy to only allow for each Jenkins job to access exactly the assigned Bitbucket project. Thus, they would like to place a request a feature to create a Project Access Token as existing Personal Access Token does not meet their requirements. 

If Bitbucket has a Project Access Token, the token is only assigned to a project and allows Jenkins to access the repo and the API to signal the build status to Bitbucket.

Steps to Reproduce

1. Create a Personal Access Token to user ziegler_f1
2. Give access to project 1, project 2, project 3
3. Add a Jenkins job for project 2 and would use the token of ziegler_f1

Expected Results

Each Jenkins job should only able to access the assigned Bitbucket project.

Actual Results

Everybody who has access to Jenkins jobs of project 2 would also be possible to access project 1 and project 2, even if they are not allowed to.

Workaround

A solution would only be to create a project-specific use, e.g. user project_1 and create a token for this user. But this would mean that the user needs named users per project which is too expensive.

Note:

The customer did some further tests with their current setup. They fear that also a project dependent access token would not really solve the problem because it has to be configured in Jenkins in a system-wide area while using the Atlassian Bitbucket Server Integration plugin.

Currently, they do not see any chance for the integration of Bitbucket with Jenkins in an enterprise environment.