> ## Documentation Index
> Fetch the complete documentation index at: https://docs.backline.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# GitLab Integration

> Connect your GitLab repositories to Backline

## Overview

GitLab is a platform for version control and collaborative DevOps. This integration connects Backline with GitLab to automatically create merge requests with secure fixes.

## What You Can Do

With the GitLab integration, Backline can:

* Access your GitLab projects and groups
* Analyze dependencies and detect outdated packages
* Create merge requests with security patches
* Track remediation progress across your GitLab projects

## Prerequisites

Before connecting GitLab, ensure you have:

* A GitLab organization
* A token with Developer role on the projects you want Backline to manage (Backline onboards every project the token is a member of)
* Access to generate a personal access token with the required scopes

## Connecting GitLab

<Steps>
  <Step title="Create Service Account">
    Log in to your GitLab organization and create a designated account for Backline. This account should have Developer role on the projects you want Backline to manage.
  </Step>

  <Step title="Configure Project Access">
    Grant the account Developer access to the projects you want Backline to remediate. Backline onboards every project the token is a member of.
  </Step>

  <Step title="Create Personal Access Token">
    In GitLab, create a unique personal access token with the following settings:

    * **Token name**: Give it a unique, identifiable name (e.g., "Backline Integration")
    * **Expiration date**: Set an appropriate expiration date for your security policy
    * **Scopes**: Select the required scopes (detailed below)
  </Step>

  <Step title="Copy Token Value">
    Copy the generated token value. You won't be able to see it again after leaving the page.
  </Step>

  <Step title="Go to Integration Hub">
    In Backline, navigate to Integrations from the main menu.
  </Step>

  <Step title="Select GitLab">
    Find and click on the GitLab integration card.
  </Step>

  <Step title="Enter Token">
    Provide your Personal Access Token in the form field.
  </Step>

  <Step title="Verify Connection">
    Click **Connect** to verify your credentials. Once verified, Backline will securely link to your GitLab projects and enable automated remediation.
  </Step>
</Steps>

## Personal Access Token Configuration

Use a GitLab Personal Access Token (PAT) with a Developer role to allow cloning repositories, creating branches, committing changes, and managing merge requests. Backline onboards every project the token is a member of.

<Warning>
  The token's permissions in GitLab determine which repositories are included. Ensure it covers all projects you want to remediate.
</Warning>

### Required Scopes

Configure your GitLab personal access token with the following scopes:

* `api` - Full API access for managing projects, merge requests, and webhooks
* `read_repository` - Clone and read repository content
* `write_repository` - Create branches, commit changes, and push code

<Note>
  These scopes enable Backline to access your repositories, analyze code, and create merge requests with security fixes.
</Note>

## After Connection

Once GitLab is connected, Backline will:

1. Discover and catalog your projects
2. Generate remediation plans for vulnerabilities from those repositories
3. Create merge requests for approved fixes

## Managing the Integration

### Updating Access

To modify project access:

1. Visit your GitLab account settings
2. Navigate to Applications
3. Find Backline and adjust permissions