Book a demo

GitLab Webhooks

OX Security integrates with GitLab webhooks to enable commit status updates and merge request comments after scans.

Note: GitLab webhook integrations do not support IDP-based credentials (such as OAuth or SSO). You must use personal or group access tokens.

Step 1: Configure webhooks in GitLab

After configuring your connector in the OX platform, create a webhook in GitLab. You can set it at the group level or project level.

Field
Value

URL

https://api.cloud.ox.security/api/gitlab/webhooks

Secret token

Your OX Security integration key.

Triggers

Enable Merge request events and Push events, depending on your needs.

Step 2: Enable scanning with webhooks in OX Security

For example:

  • Commit status: Appears as an external stage check in GitLab.

  • Merge request note: A comment with scan details is added to the merge request.

Last updated