Documentation

GitLab

Suggest Edits

The Identity Security Insights (Insights) and GitLab integration uses webhooks to allow Insights to automatically send detections and recommendations to GitLab in the form of a ticket, this eliminates manual intervention and delays, helping organizations improve their overall security posture.

⚠️

Important

Third-party documentation is subject to change. Updates might not be reflected in BeyondTrust documentation. For the most up-to-date information, visit Use GitLab.

Requirements

The required permissions in Insights:

  • Access to a tenant
  • An account with the Administrator role

The required permissions/access level in GitLab:

  • An active GitLab administrator account
  • An active project token

GitLab configuration

  1. Create a project in GitLab.
    1. Visit Create a project | GitLab.
  2. Add an active project token from the Access Tokens page.
    1. Visit Project access tokens | GitLab.
  3. After the project token has been added, navigate to the Insights Webhook page to set up the webhook.

Create a webhook in Insights

Creating a service account in BeyondTrust requires the following steps:

  • Create a user group.
  • Enable features and Smart Groups for the user group.
  • Create a user account and add it to the user group.
  • Generate OAuth credentials for the newly created service account using the SCIM connector in BeyondInsight.

Configure the Webhook URL, Authentication, and Template

To enable the integration, follow these steps:

  1. Go to Integrations > Webhooks > View Details.
  2. Click the Create Integration button.
  3. Enter the GitLab webhook URL in this format: <https://gitlab.example.com/api/v4/projects/your project number/issues?title=yourissuetitle>
  4. To create the webhook, use the following:
    • Webhook Name: Enter a name (for example, GitLab).
    • Webhook URL: Use the GitLab recommended URL format: https://gitlab.example.com/api/v4/projects/your project number/issues?title=yourissuetitle
      For more information, visit page Issues API | GitLab.
    • Authorization Type: Bearer
      • Token: Enter the active GitLab project token.
      • Webhook template: Use the following test webhook JSON template to test the connection and send a webhook to GitLab.
        {
        "description": "Severity:%%severity%%\nWhen:%%timestamp%%\nSummary:%%definitionSummary%%\nSource:%%source%%\nLocation:%%location%%\nEntity Type:%%entityType%%\nEntity Name:%%entityName%%"
        }
        You can use the variables in the Possible variables list.
  1. Click Save Integration.

Test and troubleshoot the integration

To test and invoke the webhook, perform the following instructions:

  • Click Test Settings. The “Configuration successfully created” displays.

To view the ticket/message created in GitLab:

  • Navigate to the Issues page where you will see the posted webhook message/ticket.

Updated 8 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.