
Enforced merge checks
Promote consistency and reduce errors by ensuring every pull request is fully vetted before it gets merged. Require multiple approval steps, successful build verification, and more.
Deployment Permissions
Add an extra layer of control without slowing down deployment speed. Set permissions on who can deploy and from which branch to any given environment.

Enforced 2FA
Add an additional layer of security to your team’s accounts by ensuring your data is protected even if someone gets your password.
IP Allowlisting
Ensure users are always interacting (view, push, clone, etc.) from an IP address that was previously marked as safe.
Project and Workspace Access Tokens
Add a fine-grained access management control for Projects and Workspaces by utilizing access tokens, which have API and Git access to specific resources.
Feature comparison
Users | ||
---|---|---|
User limit ? | Standard Unlimited | Premium Unlimited |
Build minutes ? | Standard 2500 min / mo | Premium 3500 min / mo |
Unlimited private repositories ? | Standard ✓ | Premium ✓ |
Jira Software integration ? | Standard ✓ | Premium ✓ |
Trello integration ? | Standard ✓ | Premium ✓ |
CI/CD ? | Standard ✓ | Premium ✓ |
Merge checks ? | Standard ✓ | Premium ✓ |
Enforced merge checks ? | Standard | Premium ✓ |
Deployment permissions ? | Standard | Premium ✓ |
IP Allowlisting ? | Standard | Premium ✓ |
Required two-step verification ? | Standard | Premium ✓ |
Project and Workspace Access Tokens ? | Standard | Premium ✓ |
SAML-based SSO ? | Standard Atlassian Access | Premium Atlassian Access |
Priority support ? | Standard Atlassian Access | Premium Atlassian Access |
Git Large File Storage ? | Standard 5 GB | Premium 10 GB |
Security built into every layer of the Cloud
Data encryption in transit
All data is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2+ with Perfect Forward Secrecy (PFS) to protect it from unauthorized disclosure or modification.
Security key support
Bolster your 2FA with an extra layer of hardware security. Bitbucket supports security key devices that use the FIDO U2F standard.
SOC II and GDPR compliant
We’re invested in protecting your data by certifying with industry standards such as SOC II, SOC III, PCI DSS, ISO/IEC 27001, ISO/IEC 27018, and GDPR.