Depending on your setup there are different possibilities to perform Git operations with your Bitbucket Server running the SAML SSO add-on:
If you are using external LDAP synchronization to sync & update users
In this case the full credentials will be synchronized to your Bitbucket instance, so the users can use their known username/password combination for all Git operations (SSH key for authentication and personal access tokens are not bound to users, so they can also be used with external LDAP/Jira/Crowd synchronizations)
If you are using user creation and update provided by the SAML SSO add-on
If you are using the on-the-fly user creation of our add-on, the users will be created with an autogenerated password. To enable the users to do Git operations you have three options:
- Our recommendation: use a SSH key for authentication, see https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html.
- Alternatively, users can create personal access tokens for Git operations and REST requests, see https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html. This feature was introduced in Bitbucket Server 5.5.
Or set a password for the user (via normal means, either the admin interface or the user himself in his profile), so that the user can use this password for Git operations on the command line or any other Git client.