Login with Bitbucket

To enable Bitbucket Auth for your project, you need to set up a BitBucket OAuth application and add the application credentials to your Supabase Dashboard.


Setting up Bitbucket logins for your application consists of 3 parts:

Access your Bitbucket account#

Bitbucket Developer Portal.

Find your callback URL#

The next step requires a callback URL, which looks like this:


  • Go to your Supabase Project Dashboard.
  • Click on the Settings icon at the bottom of the left sidebar.
  • Click on API in the list.
  • Under Config / URL you'll find your API URL, you can click Copy to copy it to the clipboard.
  • Now just add /auth/v1/callback to the end of that to get your full OAuth Redirect URI.

Create a Bitbucket OAuth app#

  • Click on your profile icon at the bottom left
  • Click on All Workspaces
  • Select a workspace and click on it to select it
  • Click on Settings on the left
  • Click on OAuth consumers on the left under Apps and Features (near the bottom)
  • Click Add Consumer at the top
  • Enter the name of your app under Name
  • In Callback URL, type the callback URL of your app
  • Check the permissions you need (Email, Read should be enough)
  • Click Save at the bottom
  • Click on your app name (the name of your new OAuth Consumer)
  • Copy your Key (client_key) and Secret (client_secret) codes

Add your Bitbucket credentials into your Supabase Project#

  • Go to your Supabase Project Dashboard
  • In the left sidebar, click the Authentication icon (near the top)
  • Click Settings from the list to go to the Authentication Settings page
  • Enter the final (hosted) URL of your app under Site URL (this is important)
  • Under External OAuth Providers turn Bitbucket Enabled to ON
  • Enter your client_id and client_secret saved in the previous step
  • Click Save

Add login code to your client app#

When your user signs in, call signInWithOAuth() with bitbucket as the provider:

1async function signInWithBitbucket() {
2  const { data, error } = await supabase.auth.signInWithOAuth({
3    provider: 'bitbucket',
4  })

When your user signs out, call signOut() to remove them from the browser session and any objects from localStorage:

1async function signout() {
2  const { error } = await supabase.auth.signOut()