Manage the EasyCLA GitLab App on GitLab

This page is for GitLab group owners managing the EasyCLA integration from inside GitLab, after a project manager has installed it through Project Control Center. It covers what you can do from the GitLab side: reviewing or revoking the authorization, adjusting access at the group level, and re-authorizing after a revoke.

• Review or Revoke the EasyCLA Authorization

• Add or Remove Projects from CLA Enforcement

• Re-authorize After a Revoke

• What the Integration Does

• Re-check a Merge Request

• Apply Changes in Project Control Center

Review or Revoke the EasyCLA Authorization

EasyCLA's GitLab access is granted through your GitLab user account at the time you click Authorize during installation. You can review or revoke that authorization from your GitLab user settings at any time:

1. Sign in to GitLab.com (or your self-hosted GitLab instance).

2. Click your avatar at the top right, then click Edit profile.

3. From the left navigation, click Applications.

4. Locate Linux Foundation EasyCLA under Authorized applications.

5. To remove EasyCLA's access entirely, click Revoke.

Add or Remove Projects from CLA Enforcement

When EasyCLA is authorized for a GitLab group, it gains access to every project in that group, including projects in subgroups. GitLab does not expose a per-project selector for OAuth applications, so individual project changes happen in Project Control Center rather than in GitLab:

• To enforce or remove CLA on individual projects within an already-connected group, see Enforce or Remove CLA Mechanism from GitLab Projects.

• To add a new GitLab group to a CLA Group, see Add GitLab Groups. Each connected group requires its own authorization step in GitLab.

• To disconnect an entire GitLab group from a CLA Group, see Disassociate GitLab Groups.

Re-authorize After a Revoke

If the EasyCLA authorization has been revoked in GitLab and you want to re-enable enforcement:

1. Sign in to Project Control Center, open the project, and navigate to Tools Status > EasyCLA.

2. Select the CLA Group and click Manage.

3. Under the GITLAB tab, locate the affected group and click Install GitLab EasyCLA App.

4. On GitLab's authorization page, click Authorize.

5. After GitLab shows the success page, close that tab, return to Project Control Center, and click I'm Done Installing.

For more detail, see Add and Manage GitLab Groups.

What the Integration Does

After you authorize the EasyCLA OAuth application, EasyCLA uses the granted scopes to:

• Read the list of projects under each connected group, including subgroups.

• Receive webhook events when a merge request is opened, updated, or commented on.

• Read the list of commit authors on a merge request to determine who must sign the CLA.

• Post a commit status on each merge request indicating whether all contributors have signed.

• Post a comment on the merge request with links to sign or check status.

EasyCLA does not modify your source code, branches, or project contents.

Re-check a Merge Request

If a contributor signs the CLA after a merge request has already been opened, the EasyCLA status does not always update on its own. Anyone with access to the merge request can post the comment /easycla to trigger a fresh CLA check against the current set of commits.

New merge requests opened after a configuration change are checked automatically; only merge requests that already existed need a manual /easycla trigger.

Apply Changes in Project Control Center

After any change on the GitLab side — adding new subgroups, revoking authorization, transferring group ownership — sign in to Project Control Center, open Tools Status > EasyCLA, and verify that the GITLAB tab reflects the expected groups and projects. Enable Enforce CLA for any projects that should require contributor sign-off.