- Automated code reviews for newly created merge requests
- AI-powered suggestions displayed directly on merge requests
- Interactive assistance through the CodeRabbit bot for real-time feedback
- Seamless integration with your existing GitLab workflow
@coderabbitai â or the username of the service account you configure below, if it differs.GitLab Access Tokens
To enable CodeRabbit to interact with your GitLab repositories, you need to provide an access token that grants the necessary permissions for the Merge Requests and Discussions APIs. Choose the token type that best fits your organizationâs needs:Personal Access Token
Group Access Token
Personal Access Token
We recommend creating a new user as a service account, associating this user to the group youâd like to install CodeRabbit on, and providing CodeRabbit with the personal access token to allow access. During the installation process, CodeRabbit will automatically configure the required webhook for seamless integration.

Best Practices for Service Account Setup
Follow these recommendations when setting up your CodeRabbit service account:- Username: Use âCodeRabbitâ as the username for easy recognition
- Email: Use a dedicated email address for easy identification and management
- Profile picture: Use the CodeRabbit logo for easy recognition. Download our logo here
- Permissions: Ensure the dedicated user has at least Developer access to the group or projects where you want to install CodeRabbit
Important Considerations
- Navigate to the GitLab User page in the sidebar
- Enter the new access token and click the Update button
Generating a Personal Access Token
Log in to your CodeRabbit service account
Navigate to access tokens
- Select your avatar on the left sidebar 2. Choose Edit Profile 3. Select Access Tokens from the left sidebar 4. Click Add New Token
Configure token settings
- Enter a descriptive name for the token (e.g., âCodeRabbit Integrationâ)
- Set an expiry date for the token
Select required scopes
api - Full API access -
read_api - Read-only API access - read_user - Read user informationCreate and save the token
- Click Create Personal Access Token 2. Important: Copy and securely store the token immediately as it will only be displayed once

Group Access Token
Creating a Group Access Token in GitLab automatically generates a bot user. Ensure that the token is configured with Developer access. Once set up, you only need to provide this token for integration. Note that a Group Access Token is limited to the scope of the group where it was created. To configure additional groups, you will need to generate a separate Group Access Token for each group.Generating a Group Access Token
Navigate to your group
Access token settings
- Select Settings from the left sidebar 2. Select Access Tokens within the Settings heading
Create the token
- Create a Group Access Token 2. Ensure the
apiscope is selected 3. Ensure Developer Access is provided
group_63_bot_5753...). If you prefer a more descriptive username for your CodeRabbit bot, you can customize it using the GitLab API.You can find the botâs user ID through the CodeRabbit UI if connected, or by visiting the bot userâs profile from your Group Members page in GitLab.Configuring Access Tokens in CodeRabbit
GitLab project Owners and Maintainers can install CodeRabbit on individual projects from the Repositories page without requiring top-level GitLab group Owner access, including projects inside subgroups. The Install Group action is restricted to GitLab group Owners. By default, if no access token is provided, CodeRabbit prompts you to provide one during installation. To provide the token beforehand, open Account in the left sidebar, then under Provider settings, click GitLab User. Once you enter the token, CodeRabbit validates it and saves it for future use. You can confirm the correct user is being selected by verifying the user ID shown on the UI with the user ID of the service account user you created.Repository Installation
You can install CodeRabbit on individual GitLab projects or across a full GitLab group, depending on your GitLab role. Projects are selectable based on your permissions:- Project installation: GitLab project Owners and Maintainers can install CodeRabbit on the selected projects without top-level group Owner access.
- Group installation: Installing CodeRabbit for an entire GitLab group requires GitLab group Owner access. This installation also covers repositories added to the group later.
Access repository settings
Select repositories
Install CodeRabbit

Selectable and unavailable GitLab projects on the CodeRabbit Repositories page
https://coderabbit.ai/gitlabHandler will now be installed for the projects selected.

Automatic installation for new group repositories
After a GitLab group Owner completes the Install Group action, CodeRabbit also covers repositories that are later created in or added to the installed group and its subgroups. You do not need to select and install each new repository individually. This behavior relies on the group-level webhook and token installation. Use a Group Access Token where applicable, and complete the group installation as a GitLab group Owner.Manual webhook installation
If you install repositories from the Repositories page, CodeRabbit configures the webhook automatically. Use this flow only when you need to install the webhook manually or rotate the shared webhook secret. The Webhook Secret page is available in CodeRabbit for supported Git providers, including GitLab.com and self-managed GitLab.Open Webhook Secret settings
Copy the webhook URL
Save or change the webhook secret
Configure the GitLab webhook
- Merge request events
- Comments
- Issues events
- SSL verification enabled