ConnectorsGitLab

GitLab

Live

OAUTH 2.0

DEVELOPER TOOLS

Code, pipelines, and deployments all live in GitLab. Your agent can inspect merge requests, surface CI failures, and track releases, scoped to the projects the user can access.

  • Acts as the user: Project access and write actions stay tied to the GitLab account that authorized the agent.
  • Credentials stay vaulted: AES-256, resolved at request time, never in LLM context.
  • Scoped before every call: User permissions enforced. 90-day audit trail.
Get Started free
View docs
GitLab
agent · Acme Q3
Run
List all failing CI pipelines in the last 24 hours across my projects.
S
gitlab_pipelines_list
82ms
GitLab agent
3 failing pipelines: auth-service (main, stage: deploy, 4h ago), api-gateway (release-1.2, stage: test, 9h ago), worker-service (feature/retry, stage: lint, 18h ago).
Sources: 3 pipelines, 3 projects
gitlabmcp
3 pipelines
18:29
Message Claude...

Tools your GitLab agent reaches for, scoped per user.

CALL ANY TOOL
Read repos, manage issues and MRs, inspect pipelines, and create project variables. Same toolkit, every framework, no auth plumbing.
gitlab_issues_list
List issues
List issues in a project with optional filters for state, assignee, labels, and milestone.
Parameters
Name
Type
Required
Description
project_id
string
Required
Project ID or URL-encoded path
state
string
Optional
Issue state: opened, closed, all
assignee_username
string
Optional
Filter by assignee username
labels
string
Optional
Comma-separated label names
gitlab_issue_create
Create issue
gitlab_merge_requests_list
List merge requests
gitlab_pipelines_list
List pipelines
gitlab_project_get
Get project
gitlab_label_create
Create label
Build your Agent
Drop the toolkit in, point it at the user, and your agent can manage GitLab issues, MRs, and CI pipelines from the first run.
Langchain
OpenAI
Anthropic
Google ADK
Copied
import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["gitlab"], toolNames: ["gitlab_issues_list", "gitlab_merge_requests_list", "gitlab_pipelines_list"] },
  pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  schema: t.tool.definition.input_schema,
  func: async (args) => sk.tools.executeTool({
    toolName: t.tool.definition.name, identifier: "user_123", toolInput: args,
  }),
}));

const agent = createReactAgent({ llm, tools: lcTools });
Copied
import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["gitlab"], toolNames: ["gitlab_issues_list", "gitlab_merge_requests_list", "gitlab_pipelines_list"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  type: "function",
  function: {
    name: t.tool.definition.name,
    description: t.tool.definition.description,
    parameters: t.tool.definition.input_schema,
  },
}));

const resp = await openai.responses.create({
  model: "gpt-4o", input: prompt, tools: llmTools,
});
import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["gitlab"], toolNames: ["gitlab_issues_list", "gitlab_merge_requests_list", "gitlab_pipelines_list"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
  model: "claude-sonnet-4-6", max_tokens: 1024,
  tools: llmTools,
  messages: [{ role: "user", content: prompt }],
});
Copied
import { Agent } from "@google/adk/agents";
import {
  MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
  connectionParams: new StreamableHTTPConnectionParams({
    url: "https://mcp.scalekit.com/gitlab",
    headers: { Authorization: `Bearer ${userScopedToken}` },
  }),
});

const agent = new Agent({
  name: "agent", model: "gemini-2.0-flash",
  tools: await toolset.getTools(),
});
Try these prompts
Paste any prompt into your agent to start managing GitLab DevOps workflows.
Search & recall
Copy the prompt
Copied
List all open issues assigned to me in [project].
Copy the prompt
Copied
Show me all failing CI pipelines in the last 24 hours.
Copy the prompt
Copied
Find all MRs waiting for review in [project].
Copy the prompt
Copied
What issues are labeled [bug] in [project]?
Action & creation
Copy the prompt
Copied
Create an issue in [project]: [title] — [description].
Copy the prompt
Copied
Add label [backend] to issue #[id] in [project].
Copy the prompt
Copied
Assign MR #[id] to [username].
Copy the prompt
Copied
Create a project variable [KEY]=[value] in [project].
CI/CD & pipelines
Copy the prompt
Copied
Which pipeline stages are failing in [project] on main?
Copy the prompt
Copied
List all pending MRs with pipeline status failed.
Copy the prompt
Copied
Show me recent pipeline runs for [branch name].
Copy the prompt
Copied
What are the open milestones in [project]?
SEE HOW AUTH WORKS
Users authorize GitLab once. Their account credentials stay vaulted, every call is checked, and every action is logged.
1
Authorize
Your user connects
GitLab
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
A’s meetings only
2
Store
Their
GitLab
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
GitLab
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
GitLab
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
See the same per-user auth pattern across GitHub, Jira, and other developer tools connectors.
ENGINEERING
Engineering standup agent
Aggregate GitHub and GitLab activity, link to Jira tickets, and post a daily standup digest to Slack. No async updates to chase.
GitHub
GitLab
Jira
Slack
View agent
ENGINEERING
DevOps assistant agent
Triage GitHub incidents, open Linear tickets, and notify the on-call channel in Slack with context already attached.
GitHub
Linear
Slack
View agent
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Scalekit starts with user identity, scope enforcement, and audit.
01.
Shared tokens break per-user analytics
A shared token looks fine in a demo. In production every call looks like a service account. Scalekit resolves the real user credential so attribution, audit, and scope stay accurate.
// shared token
 audit → bot_service_account
 user_filter → broken

 // scalekit
 audit → user_abc
 scope → enforced ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
GitLab today. Others tomorrow.
Capability
DIY
Scalekit AgentKit
Token storage
Build + maintain yourself
AES-256 vault, managed
Per-user isolation
Custom credential map
Per-tenant namespace, default
Scope enforcement
Manual checks or none
Per-request, pre-API call
Token refresh
Cron job you maintain
Automatic
Audit trail
Build your own logging
90-day, SIEM-exportable
New connector
New OAuth implementation
Same pattern, one config
Multi-framework
Per-framework adapter code
8 adapters included
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
On this page
Tool and actionsFramework CompatibilityStarter PromptAuth LifecycleTry Other AgentsWhy Scalekit
Quick links
OverviewQuickstartAll connectors
Similar connectors
GitHub
Linear
Jira
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code
Cursor
Codex
Copilot
Claude Code REPL
CopyCopied
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
CopyCopied
# ~/.cursor/mcp.json
{
""mcpServers"": {
""gitlab"": {
""url"": ""https://mcp.scalekit.com/gitlab"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
CopyCopied
# ~/.codex/config.toml
[mcp_servers.gitlab]
url = ""https://mcp.scalekit.com/gitlab""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
CopyCopied
# .vscode/mcp.json
{
""servers"": {
""gitlab"": {
""url"": ""https://mcp.scalekit.com/gitlab"",
""type"": ""http""
}
}
}
The auth stack for agents.
hi@scalekit.com
Scalekit Inc
2261 Market Street, STE 86971
San Francisco, CA 94114
Join our community
AgentKit
QuickstartConnectorsAGENTKIT SDKCODE SAMPLESAgentKit Pricing
Auth for SaaS  
org and UserSSOSCIMMCP AUth
RBACPasswordlessAUTH FOR SAAS PRICING
Developers
DocsAPI ReferenceSDKsGitHubBlog
Company
LegalTrust centerCustomers
COMPLIANCE
Follow us on
All systems operational
© 2026 SCALEKIT, INC.

We use cookies, so things load fast, we learn what to fix, and you can always reach us on chat

Okay, got it! 
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code
Cursor
Windsurf
Codex
Copilot
Claude Code REPL
CopyCopied
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
CopyCopied
# ~/.cursor/mcp.json
{
""mcpServers"": {
""gitlab"": {
""url"": ""https://mcp.scalekit.com/gitlab"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Windsurf Code REPL
CopyCopied
# ~/.cursor/mcp.json
{
""mcpServers"": {
""gitlab"": {
""url"": ""https://mcp.scalekit.com/gitlab"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
CopyCopied
# ~/.codex/config.toml
[mcp_servers.gitlab]
url = ""https://mcp.scalekit.com/gitlab""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
CopyCopied
# .vscode/mcp.json
{
""servers"": {
""gitlab"": {
""url"": ""https://mcp.scalekit.com/gitlab"",
""type"": ""http""
}
}
}