You can configure this integration via the web UI through the integrations tab or you can use a local configuration file as outlined below.

Learn how to configure your connection to BitBucket for repository scanning. Discover various authentication methods, including token, basic authentication with password, and basic authentication with app password/token.

Azure Repos

Bitbucket

source

Buildkite

TruffleHog Docs

Choose your adventure

Creating a scanner

Configuring a scanner

Resource Requirements

Secrets management

Running the scanner

Terminology

Getting started

Artifactory

AWS S3

CircleCI

Confluence

Docker

Filesystem

Gerrit

GitLab

GitHub

Google Cloud Storage (GCS)

Google Drive

Jenkins

Jira

Microsoft Sharepoint

Microsoft Teams

Postman

Slack

Vector

Scan data for secrets

Email

Splunk

Stdout

Webhook

Notify results

Reverify secrets

Scanning in CI

Pre-commit hooks

Pre-receive hooks

Block secrets from leaking

Systemd

Helm Chart

Kubernetes manifest

Deployment

Configuration file reference

Custom detectors

Customizing detection

On-premise verification

Customizing TruffleHog

Authentication

Architecture

Compliance

Security and Compliance

Key	Description	Required
endpoint	The endpoint URI for bitbucket	Yes if using basic auth
repositories	List of repositories to scan. Leaving it off will enumerate them instead.	No
ignoreRepos	List of repositories to ignore. Typically used when using enumeration.	No
skipBinaries	If true, binary files will be ignored	No
skipArchives	If true, archive files will be ignored	No

Feature	Supported
Scan archive Files	✅
Scan archived Repos	✅
Scan base64 Encoded data	✅
Scan binaries	✅
Exclude Filter	✅
History	✅
Include Filter	✅
Pre-commit	✅
Pre-receive	✅
Resumption	✅

Bitbucket

Configuration options

Local configuration

Capabilities