diff --git a/.ci/openshift-ci/common.sh b/.ci/openshift-ci/common.sh
index 17b6b1d8e5..ef9cba78ec 100644
--- a/.ci/openshift-ci/common.sh
+++ b/.ci/openshift-ci/common.sh
@@ -189,6 +189,25 @@ setupPersonalAccessToken() {
   oc apply -f pat-secret.yaml -n ${USER_CHE_NAMESPACE}
 }
 
+setupSSHKeyPairs() {
+  GIT_PRIVATE_KEY=$1
+  GIT_PUBLIC_KEY=$2
+
+  echo "[INFO] Setup SSH Key Pairs Secret"
+  oc project ${USER_CHE_NAMESPACE}
+  ENCODED_GIT_PRIVATE_KEY=$(echo "${GIT_PRIVATE_KEY}" | base64 -w 0)
+  ENCODED_GIT_PUBLIC_KEY=$(echo "${GIT_PUBLIC_KEY}" | base64 -w 0)
+  cat .ci/openshift-ci/ssh-secret.yaml > ssh-secret.yaml
+
+  # patch the ssh-secret.yaml file
+  sed -i "s#ssh_private_key#${ENCODED_GIT_PRIVATE_KEY}#g" ssh-secret.yaml
+  sed -i "s#ssh_public_key#${ENCODED_GIT_PUBLIC_KEY}#g" ssh-secret.yaml
+
+  cat ssh-secret.yaml
+
+  oc apply -f ssh-secret.yaml -n ${USER_CHE_NAMESPACE}
+}
+
 runTestWorkspaceWithGitRepoUrl() {
   WS_NAME=$1
   PROJECT_NAME=$2
@@ -314,6 +333,18 @@ testCloneGitRepoWithSetupPat() {
   { echo "[ERROR] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} should be present." && exit 1; }
 }
 
+testCloneGitRepoProjectShouldExists() {
+  WS_NAME=$1
+  PROJECT_NAME=$2
+  GIT_REPO_URL=$3
+  OCP_USER_NAMESPACE=$4
+
+  runTestWorkspaceWithGitRepoUrl ${WS_NAME} ${PROJECT_NAME} ${GIT_REPO_URL} ${OCP_USER_NAMESPACE}
+  echo "[INFO] Check the repository is cloned"
+  testProjectIsCloned ${PROJECT_NAME} ${OCP_USER_NAMESPACE} || \
+  { echo "[ERROR] Project file /projects/${PROJECT_NAME}/${YAML_FILE_NAME} should be present." && exit 1; }
+}
+
 setupTestEnvironment() {
   OCP_USER_NAME=$1
 
diff --git a/.ci/openshift-ci/ssh-secret.yaml b/.ci/openshift-ci/ssh-secret.yaml
new file mode 100644
index 0000000000..2e514c796d
--- /dev/null
+++ b/.ci/openshift-ci/ssh-secret.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: git-ssh-key
+  annotations:
+    controller.devfile.io/mount-as: subpath
+    controller.devfile.io/mount-path: /etc/ssh/
+  labels:
+    controller.devfile.io/mount-to-devworkspace: "true"
+    controller.devfile.io/watch-secret: "true"
+type: Opaque
+data:
+  dwo_ssh_key: ssh_private_key
+  dwo_ssh_key.pub: ssh_public_key
+  ssh_config: aG9zdCAqCiAgSWRlbnRpdHlGaWxlIC9ldGMvc3NoL2R3b19zc2hfa2V5CiAgU3RyaWN0SG9zdEtleUNoZWNraW5nID0gbm8K
diff --git a/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-raw-devfile-url.sh b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-raw-devfile-url.sh
new file mode 100644
index 0000000000..b97800a52a
--- /dev/null
+++ b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-raw-devfile-url.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+export PUBLIC_REPO_RAW_PATH_URL=${PUBLIC_REPO_RAW_PATH_URL:-"https://bitbucket.org/chepullreq/public-repo/raw/746000bd63a54eaf8ea8aba9dfe6620e5c6c61d7/devfile.yaml"}
+export PRIVATE_REPO_RAW_PATH_URL=${PRIVATE_REPO_URL:-"https://bitbucket.org/chepullreq/private-repo/raw/80b183d27c6c533462128b0c092208aad73b2906/devfile.yaml"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_RAW_PATH_URL} ${PRIVATE_REPO_RAW_PATH_URL}
+
+testClonePublicRepoNoPatOAuth ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
+testClonePrivateRepoNoPatOAuth ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_RAW_PATH_URL} ${USER_CHE_NAMESPACE}
diff --git a/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-ssh-url.sh b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-ssh-url.sh
new file mode 100644
index 0000000000..d64ec38435
--- /dev/null
+++ b/.ci/openshift-ci/test-bitbucket-no-pat-oauth-flow-ssh-url.sh
@@ -0,0 +1,34 @@
+
+#!/bin/bash
+#
+# Copyright (c) 2023 Red Hat, Inc.
+# This program and the accompanying materials are made
+# available under the terms of the Eclipse Public License 2.0
+# which is available at https://www.eclipse.org/legal/epl-2.0/
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+# Contributors:
+#   Red Hat, Inc. - initial API and implementation
+#
+
+# exit immediately when a command fails
+set -ex
+# only exit with zero if all commands of the pipeline exit successfully
+set -o pipefail
+
+export PUBLIC_REPO_SSH_URL=${PUBLIC_REPO_SSH_URL:-"git@bitbucket.org:chepullreq/public-repo.git"}
+export PRIVATE_REPO_SSH_URL=${PRIVATE_REPO_SSH_URL:-"git@bitbucket.org:chepullreq/private-repo.git"}
+
+# import common test functions
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "${SCRIPT_DIR}"/common.sh
+
+trap "catchFinish" EXIT SIGINT
+
+setupTestEnvironment ${OCP_NON_ADMIN_USER_NAME}
+setupSSHKeyPairs "${BITBUCKET_PRIVATE_KEY}" "${BITBUCKET_PUBLIC_KEY}"
+testFactoryResolverNoPatOAuth ${PUBLIC_REPO_SSH_URL} ${PRIVATE_REPO_SSH_URL}
+
+testCloneGitRepoProjectShouldExists ${PUBLIC_REPO_WORKSPACE_NAME} ${PUBLIC_PROJECT_NAME} ${PUBLIC_REPO_SSH_URL} ${USER_CHE_NAMESPACE}
+testCloneGitRepoProjectShouldExists ${PRIVATE_REPO_WORKSPACE_NAME} ${PRIVATE_PROJECT_NAME} ${PRIVATE_REPO_SSH_URL} ${USER_CHE_NAMESPACE}