Bitbucket web-hook not working

I’m trying to bypass a bitbucket web-hook request to one of my servers protected with Cloudflare Access. Unfortunately its not going through as the web-hook is redirected to the CF login/code page. I can see this on the bitbucket side when debugging the web-hook requests.

I have added access policy based on ip-address ranges. When disabling the policy entirely the web-hook works.

I have added both IPv4 and IPv6 ranges as listed on this page:
https://confluence.atlassian.com/bitbucket/what-are-the-bitbucket-cloud-ip-addresses-i-should-use-to-configure-my-corporate-firewall-343343385.html

On other similar setups I can see the IP-address originating from bitbucket are 18.234.32.226 and 18.234.32.227 which are to my knowledge included in what I have added as ranges on the Cloudflare side.

Unfortunately there is no log available inside CF Access because no actual authentication is done by the web-hook.

Can someone help me in the right direction ?

Many Thanks!

I am having this same issue. From the bitbucket webhook ui, I am seeing a 403 on the webhook request. I have two access policies for the webhook url, one allows developers to hit my.domain and one access policy that allows Everyone to hit my.domain/webhook-url/.

Any ideas?