Git Host Access Credentials

This page describes how to create credentials for your Git host (GitHub, GitLab, Bitbucket, or Azure DevOps)

that Atlantis will use to make API calls.

Create an Atlantis user (optional)

We recommend creating a new user named @atlantis (or something close) or using a dedicated CI user.

This isn't required (you can use an existing user or github app credentials), however all the comments that Atlantis writes will come from that user so it might be confusing if its coming from a personal account.

Example Comment

An example comment coming from the @atlantisbot user

Generating an Access Token

Once you've created a new user (or decided to use an existing one), you need to generate an access token. Read on for the instructions for your specific Git host:

GitHub user


Your Atlantis user must also have "Write permissions" (for repos in an organization) or be a "Collaborator" (for repos in a user account) to be able to set commit statuses: Atlantis status

GitHub app


Available in Atlantis versions newer than 0.13.0.

  • Start Atlantis with fake github username and token (atlantis server --gh-user fake --gh-token fake --repo-allowlist '*' --atlantis-url https://$ATLANTIS_HOST). If installing as an Organization, remember to add --gh-org your-github-org to this command.

  • Visit https://$ATLANTIS_HOST/github-app/setup and click on Setup to create the app on Github. You'll be redirected back to Atlantis

  • A link to install your app, along with its secrets, will be shown on the screen. Record your app's credentials and install your app for your user/org by following said link.

  • Create a file with the contents of the GitHub App Key, e.g. atlantis-app-key.pem

  • Restart Atlantis with new flags: atlantis server --gh-app-id <your id> --gh-app-key-file atlantis-app-key.pem --gh-webhook-secret <your secret> --write-git-creds --repo-allowlist '*' --atlantis-url https://$ATLANTIS_HOST.

    NOTE: Instead of using a file for the GitHub App Key you can also pass the key value directly using --gh-app-key. You can also create a config file instead of using flags. See Server Configuration.


Only a single installation per GitHub App is supported at the moment.


Bitbucket Cloud (

Bitbucket Server (aka Stash)

  • Click on your avatar in the top right and select Manage account
  • Click Personal access tokens in the sidebar
  • Click Create a token
  • Name the token atlantis
  • Give the token Read Project permissions and Write Pull request permissions
  • Click Create and record the access token

Azure DevOps

Next Steps

Once you've got your user and access token, you're ready to create a webhook secret. See Creating a Webhook Secret.