GitLab
The GitLab connector gives AI agents full visibility into repositories, issues, merge requests, CI/CD pipelines, and source code — all via the GitLab REST API using OAuth 2.0. Your credentials are stored encrypted in MCPGate's vault and are never exposed to the AI client.
Required scopes#
MCPGate requests the following OAuth scopes when you connect a GitLab account.
| Scope | Purpose |
|---|---|
| read_user | Read the authenticated user profile |
| read_api | Read projects, issues, MRs, pipelines, and files |
| write_repository | Create and update issues and merge requests |
Tool reference#
The GitLab connector exposes 13 tools: 10 read and 3 write.
| Tool | Category | Description |
|---|---|---|
| gitlab_list_projects | read | List GitLab projects accessible to the authenticated user |
| gitlab_get_project | read | Get a specific GitLab project by ID or path |
| gitlab_list_issues | read | List issues for a GitLab project |
| gitlab_list_mrs | read | List merge requests for a GitLab project |
| gitlab_get_mr | read | Get a specific merge request by project and MR IID |
| gitlab_list_pipelines | read | List CI/CD pipelines for a GitLab project |
| gitlab_get_pipeline | read | Get a specific pipeline by project and pipeline ID |
| gitlab_read_file | read | Read a file from a GitLab repository |
| gitlab_search_code | read | Search for code across GitLab projects |
| gitlab_list_branches | read | List branches for a GitLab project |
| gitlab_create_issue | write | Create a new issue in a GitLab project |
| gitlab_update_issue | write | Update an existing GitLab issue |
| gitlab_create_mr | write | Create a new merge request in a GitLab project |
Common guardrail recipes#
Read-only access#
Enable only the ten read tools and deny gitlab_create_issue, gitlab_update_issue, and gitlab_create_mr. Useful for code-review assistants and pipeline monitors that should observe but never modify.
Contribute preset#
Enable read tools plus gitlab_create_issue and gitlab_create_mr. Deny gitlab_update_issue. This allows the AI to raise new issues and open MRs but not retroactively modify existing ones.
Restrict to specific projects#
Apply the allow_values template to all write tools. Target the project_id field and provide a list of numeric project IDs or namespace/project paths the agent is permitted to modify.
Troubleshooting#
- Project ID vs. path —
gitlab_get_projectand most write tools accept either a numeric project ID (e.g.123) or a URL-encoded path (e.g.namespace%2Frepo). Numeric IDs are more stable across renames. - MR IID vs. ID — GitLab merge requests have both a global
idand a project-scopediid. The connector usesmr_iid(the project-scoped number shown in the GitLab UI). - Pipeline access requires CI scope — On self-managed GitLab instances, some pipeline operations may require the
read_buildsscope. Re-connect to request the extended scope if pipeline tools return 403.