How to do Git operations with Bitbucket and SAML SSO
The SAML SSO app for Bitbucket Data Center is a web based application. Like any other Bitbucket SAML app, it does not allow authentication via command line tools.
In general, we recommend using a SSH keys (https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html) or personal access tokens (https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html)for authentication.
SSH keys for authentication and personal access tokens do belong to a user, but don’t need to be changed,
if a user is renamed, so they can also be used with other external directories, like LDAP/ a Jira- or Crowd based directory)
Depending on your setup, there are different possibilities to perform Git operations with your Bitbucket Data Center, running the SAML SSO app:
If you are using external LDAP synchronization to sync & update users
In this case, credentials will be synchronized to your Bitbucket Data Center instance, so the users can use their known username/ password for all Git operations
If you are using user creation and update provided by the SAML SSO app
If you are using the "User Creation and Update" function of our app, users won't really receive a password, as this is intended to be managed on the IdP only.
To enable the users to perform Git operations, there are three options:
Best practice: use SSH keys for authentication, see https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html
Alternatively, users can create personal access tokens for Git operations and REST requests, see https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html
This feature was introduced in Bitbucket Server and Data Center 5.5.Not recommended: set a password for the user (via normal means, either the admin interface or the user himself in his profile),
so that the user can use this password for Git operations on the command line or any other Git client.