GitLab

Kiro Web integrates with GitLab so you can add a GitLab project to a session, have the agent make changes, and open a merge request on your behalf.

Connect GitLab

Kiro Web connects to GitLab using a personal access token (PAT):

In GitLab, select your avatar and choose Preferences, then go to Access > Personal access tokens and select Generate token
Select a scope, then create the token and copy it. The api scope gives Kiro full access; see Permissions if you want to scope the token down
In Kiro, go to Settings and select the Agent tab
Under GitLab, click Connect GitLab
Paste your personal access token and select the GitLab instance (gitlab.com is populated by default)

Once connected, your GitLab projects are available to select when you create a session or add a repository mid-session.

How the agent works with GitLab

Clones projects
The agent clones your authorized GitLab projects into its isolated sandbox environment, where it reads the code and makes changes.

Creates branches and commits
For each task, the agent creates a feature branch, makes commits with clear messages, and pushes to your project. The agent acts on your behalf and includes both you and itself as co-authors in every commit.

Opens merge requests
After completing work, the agent opens a merge request with a description of the changes, the implementation approach, and any trade-offs considered.

What you can ask the agent to do

Work on code — clone a project, make changes, push a branch, and open a merge request for your changes.
Inspect merge requests — list open or merged merge requests, show the details and diffs for a merge request, find the branch a merge request is on, and read its discussions and notes.
Review issues — list open issues, show the details of an issue, and read the comments on an issue.

Mixing GitLab and GitHub in one session

You can add both GitLab and GitHub repositories to the same session. The agent works across all selected repositories at once—reading code, making changes, and opening a merge request on GitLab and a pull request on GitHub as appropriate for each provider. This lets the agent coordinate changes that span projects hosted on different providers.

Permissions

The agent's access to GitLab is scoped by the scope you grant your personal access token. Choose the one that matches how much access you want to give:

api — full access. The agent can read your projects, push branches, create merge requests, and work with issues on your behalf. This is the default and supports all of Kiro's GitLab capabilities.
read_api — read-only access. The agent can inspect projects, merge requests, and issues, but cannot push branches or open merge requests.
write_repository — code access without issues. The agent can read your projects, push branches, and open merge requests, but cannot access issues.

Other notes on access:

The agent can only access projects that your GitLab user has access to.
You can revoke access at any time by deleting the personal access token in GitLab, or by disconnecting GitLab from the Agent tab in Settings.

Page updated: June 11, 2026

GitHub

Data protection

Kiro Web integrates with GitLab so you can add a GitLab project to a session, have the agent make changes, and open a merge request on your behalf.

Connect GitLab

Kiro Web connects to GitLab using a personal access token (PAT):

In GitLab, select your avatar and choose Preferences, then go to Access > Personal access tokens and select Generate token
Select a scope, then create the token and copy it. The api scope gives Kiro full access; see Permissions if you want to scope the token down
In Kiro, go to Settings and select the Agent tab
Under GitLab, click Connect GitLab
Paste your personal access token and select the GitLab instance (gitlab.com is populated by default)

Once connected, your GitLab projects are available to select when you create a session or add a repository mid-session.

How the agent works with GitLab

Clones projects
The agent clones your authorized GitLab projects into its isolated sandbox environment, where it reads the code and makes changes.

Opens merge requests
After completing work, the agent opens a merge request with a description of the changes, the implementation approach, and any trade-offs considered.

What you can ask the agent to do

Work on code — clone a project, make changes, push a branch, and open a merge request for your changes.
Inspect merge requests — list open or merged merge requests, show the details and diffs for a merge request, find the branch a merge request is on, and read its discussions and notes.
Review issues — list open issues, show the details of an issue, and read the comments on an issue.

Mixing GitLab and GitHub in one session

Permissions

The agent's access to GitLab is scoped by the scope you grant your personal access token. Choose the one that matches how much access you want to give:

api — full access. The agent can read your projects, push branches, create merge requests, and work with issues on your behalf. This is the default and supports all of Kiro's GitLab capabilities.
read_api — read-only access. The agent can inspect projects, merge requests, and issues, but cannot push branches or open merge requests.
write_repository — code access without issues. The agent can read your projects, push branches, and open merge requests, but cannot access issues.

Other notes on access:

The agent can only access projects that your GitLab user has access to.
You can revoke access at any time by deleting the personal access token in GitLab, or by disconnecting GitLab from the Agent tab in Settings.

Page updated: June 11, 2026

GitHub

Data protection