# GitLab GitLab is a web-based DevOps lifecycle tool that provides a Git repository manager providing wiki, issue-tracking, and continuous integration and deployment pipeline features. Connecting your GitLab allows OX to map your apps and scan them for security issues. > **Note:** GitLab webhook integrations do not support IDP-based credentials (such as OAuth or SSO). You must use personal or group access tokens. ### GitLab server * **gitlab.com** - if you are using the public SaaS GitLab server, you can use either an "Identity provider" or "Token" login. The Token option has the address of the SaaS server by default. * **GitLab Enterprise** - if you are using a private GitLab installation, use the "Token" login and provide the GitLab server URL on the "Token" login tab. ### Connection options * **Identity Provider** - just click “Connect” under the “Identity Provider” tab and follow the instructions on the screen. ![GitLab connector](/files/TF2avOyEbWxKzyOGvKmc) {% file src="/files/FzwgM5aQvNSIiafocmx5" %} GitLab Connector - Onboarding using Identity Provider - Video {% endfile %} * **Token** - Create a token in GitLab with the permissions (scopes) mentioned below, copy the token into the token field and click “Connect.” ![Token](/files/1BZ7JpsapqxQbrRkz9E5) ### Token scopes required * api * read\_user * read\_registry ![Token scopes](/files/JO5KI6hqCjx5MNVYn673) Once you have verified GitLab connectivity, you can see all the repositories and select them for scanning. ### Setting repositories' scope You can use the "Gear" icon to choose the repositories' scope OX will cover. Only repositories chosen here will be covered and scanned. Here you can also decide what will happen by default with newly discovered repositories. {% file src="/files/c053EHgzENfZsc65mAvr" %} GitLab Connector - Onboarding using a Token - Video {% endfile %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ox.security/get-started/onboarding-to-ox/source-control/gitlab.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.