Connecting GitLab account with PingSafe

Steps on integrating GitLab with PingSafe account to continuously scan projects for hardcoded secrets and IaC issues.

Why integrate PingSafe with GitLab?

Integrating GitLab with PingSafe can help you identify security threats related to hardcoded secrets present in private repositories and scan your IaC project for possible cloud misconfiguration. 

Steps to connect GitLab account with PingSafe.

  1. Login to PingSafe. Click on your user profile(marked within the circle). Click on Settings.Y7PDjXM3BwEJfN7R4rBwi3SnzA0PIC6lEaOx95wmPNZjlNyjLGPgL4jBy7FkZGRQBEao9wJMpFBMTbQEY601C7VKKlHoEUegFzB8tndSvpax1R5xica8AJYQ0Xm0jHEY61KKixjA-3 copy
  2. In the settings tab under the VCS Integrations section, click on Gitlab.Screenshot 2022-06-01 at 1.18.34 AM
  3. Click "Add to GitLab"
  4. Visit to create personal access token for GitLab Cloud. Otherwise visit <GitLab Server Host>: <GitLab Server Port>/-/profile/personal_access_tokens
  5. Generate a personal token with permissions shown in the screenshot below. Keep the expiry to a minimum of 2 years from the date of creation.
    Screenshot 2022-06-01 at 1.07.49 AM
  6. Copy the generated access token. Screenshot 2022-06-01 at 1.09.29 AM
  7. If your Gitlab instance is on : Paste the copied token under Personal Access Token. Click on Submit.
  8. If your Gitlab instance is either private or is accessible only on-premises : Then replace the Server Host and Server Port by your instance's address and port e.g. Paste the copied token under Personal Access Token
     then Click on the checkbox and press the Next button.

    Follow the steps given on the next screen and then press the checkbox button to acknowledge that the broker setup was successful. Finally click on Submit to complete the onboarding process.
  9. In order to start secret detection on your repositories, go to the “Secret Detection” tab and turn on the scanning for your repositories.
  10. In order to start scanning your IaC repositories, go to the “IaC scanning” tab and turn on the scanning for your repositories.
    Screenshot 2022-12-02 at 1.04.48 PM-1

Please feel free to reach out to with any questions that you may have.


PingSafe Support