Hi @elasticdev,
providing a few assumptions here, because your post dives right into details without giving a high level overview of the setup.
I assume you are using the Bitbucket federation from within the dashboard and have a user already authenticated successfully, is that correct?
Now you want to take the refresh token that’s stored in the Auth0 user profile’s identity (the one retrieved from Bitbucket) in order to retrieve a new Bitbucket access token.
Did I get that right so far?
In any case, the client id and client secret in your refresh token request
curl -X POST -u “client_id:secret” https://bitbucket.org/site/oauth2/access_token -d grant_type=refresh_token -d refresh_token={refresh_token}
should be the ones for Bitbucket, not that of your Auth0 application. So basically the values you’ve put in there (or get from Bitbucket admin section).
In the screenshot below it’s empty cause it’s using the Auth0 dev keys, but for production use, you should’ve put your own key/secret there that you got from Bitbucket.
