Getting Started
To integrate your self-managed GitLab with CodeRabbit, we require specific information for the initial setup within your domain. Once this setup is complete, you can log in directly using the OAuth2 flow.Visit CodeRabbit login page

Enter your GitLab instance URL

Choose onboarding method
Onboarding Options
Automated Onboarding (Recommended)

Manual Onboarding
For the manual onboarding process, you need to create the CodeRabbit user and the OAuth2 GitLab application.
Creating CodeRabbit User
This feature will work with any user from your organization, but we strongly recommend creating a dedicated user called CodeRabbitAI. This ensures clarity about which user is used for our application and allows for better fine-grained access control.@coderabbitai β or the username of the user you create here, if it differs.Create the user
Retrieve user information
Generate access token
Creating OAuth2 Application
For self-managed GitLab, we recommend creating an instance-wide application unless you want the reviews to be limited to a single group or user. Follow the steps outlined in the GitLab documentation for creating the application.- Scopes:
api read_user email openid - Callback URL:
https://app.coderabbit.ai/login
Generating Personal Access Token
GitLab offers an option to generate a personal access token for adding a new user and setting up the application in the self-managed instance.Login to your instance
Access user settings
Navigate to Access Tokens
Create new token
Configure token settings
- Enter a name and expiry date for the token
- We need this for the initial setup, so the minimum expiry time is sufficient
- If you do not enter an expiry date, it defaults to 365 days from the current date
- Select the required scopes:
api,read_api,read_user
Generate and save token

Paste the details and click submit
- Submit the form.
- We will handle the setup process for you.
- On subsequent visits, your setup will be automatically detected, allowing for direct login.

Allow list CodeRabbit IP address
Use this CodeRabbit IP if your instance requires IP allow listing.Manual webhook installation
Use this flow when you need to install the webhook manually or rotate the shared webhook secret. The Webhook Secret page is available in CodeRabbit for supported Git providers, including GitLab.com and self-managed GitLab.Open Webhook Secret settings
Copy the webhook URL
Save or change the webhook secret
Configure the GitLab webhook
- Merge request events
- Comments
- Issues events
- SSL verification enabled
Bulk webhook installation
For administrators managing many GitLab projects, you can use a script to bulk-install webhooks across all projects.Login to CodeRabbit UI
Copy the webhook URL and secret
Run script to install webhooks
- Your GitLab host URL
- The webhook URL you copied in the previous step
- The webhook secret you saved in the previous step
- A GitLab access token with API permissions
gitlab-webhook.sh script
gitlab-webhook.sh script
Example: Install webhook on a single project
Example: Install webhooks on all projects in a group (including subgroups)
Repository installation
After completing onboarding, install CodeRabbit on individual projects or across a GitLab group from the Repositories page in the CodeRabbit app. The permission model and steps are the same as for GitLab.com β see Repository installation for details. After a group installation, repositories later created in or added to that group and its subgroups are activated automatically when their first merge request or pull request is opened. See Automatic installation for new group repositories for the prerequisites and expected behavior. GitLab.com tier restrictions described there do not necessarily apply to self-managed GitLab; availability depends on your GitLab license and instance configuration.SSH repository access
By default, CodeRabbit clones your GitLab projects over HTTPS. If HTTPS is not available or your organization prefers SSH for repository access, you can configure SSH clone credentials in the CodeRabbit web app.Prerequisites
- An SSH key pair generated without a passphrase. CodeRabbit cannot use passphrase-protected keys.
- The public key must be registered on the GitLab account used by CodeRabbit under Edit profile β SSH Keys. GitLab will deny SSH access if the public key is not registered! See the GitLab documentation on SSH keys.
Configure SSH clone credentials
Log in to CodeRabbit
Open account settings
Navigate to SSH Clone Credentials
Enter your SSH credentials
pbcopy (macOS) or xclip (Linux) to copy each key file to your clipboard, then paste directly into the corresponding field.Save your credentials