GitLab

Pull users and group memberships from GitLab (cloud or self-hosted) using a personal access token.

Source connector

Source connector — pulls identity and access data from GitLab into ComplianceScout where it is scored against your compliance frameworks and violation rules.

What ComplianceScout collects

After a successful sync, the following data is available in your ComplianceScout dashboard for violation detection and reporting.

All GitLab users with username, email, status, and admin flag
Group and subgroup memberships with access level (Guest, Reporter, Developer, Maintainer, Owner)
Project membership and access level
Two-factor authentication enrollment status per user

Required credentials

These fields are collected when you add the connector in the ComplianceScout dashboard. Secrets are encrypted at rest using AES-256-GCM and are never logged.

Field	Type	Required	Notes
Personal access token	Secret	Required	Create under User Settings → Access Tokens. Requires read_api scope and admin access to list all users.
GitLab URL	URL	Optional	Optional. Defaults to https://gitlab.com. Set to your self-hosted instance URL.

How to set up this connector

Follow these steps to gather the credentials above and connect GitLab to ComplianceScout.

Log in to GitLab and go to your avatar → Edit profile → Access Tokens → Add new token.
Name it "ComplianceScout", select an expiry, and check the read_api scope.
Click Create personal access token and copy the value.
In ComplianceScout, go to Data & Secrets → Integrations → Add Connector → GitLab, enter the token (and your instance URL if self-hosted), then click Test and Save.

Ready to connect GitLab?

Start a free trial — your tenant is provisioned instantly and you can wire up this integration from the connectors page.

Start a free trial Add connector →