> For the complete documentation index, see [llms.txt](https://docs.linuxfoundation.org/lfx/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.linuxfoundation.org/lfx/easycla/v2-current/project-managers/manage-easycla-gitlab-app.md).

# Manage the EasyCLA GitLab App on GitLab

This page is for GitLab group owners managing the EasyCLA integration from inside GitLab, after a project manager has installed it through [Project Control Center](/lfx/easycla/v2-current/project-managers/add-and-manage-gitlab-groups.md#add-gitlab-groups). It covers what you can do from the GitLab side: reviewing or revoking the authorization, adjusting access at the group level, and re-authorizing after a revoke.

{% hint style="info" %}
**Note:**

* In GitLab, *organizations* are called *groups*, and *repositories* are called *projects*.

* You must be the owner of the GitLab group to authorize, revoke, or change the EasyCLA integration.

* EasyCLA integrates with GitLab through an OAuth application rather than an installed app, so management on the GitLab side looks different from GitHub. There is no per-project repository selector inside GitLab — that selection happens in Project Control Center.
  {% endhint %}

* [Review or Revoke the EasyCLA Authorization](#review-or-revoke-the-easycla-authorization)

* [Add or Remove Projects from CLA Enforcement](#add-or-remove-projects-from-cla-enforcement)

* [Re-authorize After a Revoke](#re-authorize-after-a-revoke)

* [What the Integration Does](#what-the-integration-does)

* [Re-check a Merge Request](#re-check-a-merge-request)

* [Apply Changes in Project Control Center](#apply-changes-in-project-control-center)

## Review or Revoke the EasyCLA Authorization <a href="#review-or-revoke-the-easycla-authorization" id="review-or-revoke-the-easycla-authorization"></a>

EasyCLA's GitLab access is granted through your GitLab user account at the time you click **Authorize** during installation. You can review or revoke that authorization from your GitLab user settings at any time:

1\. Sign in to [GitLab.com](https://gitlab.com) (or your self-hosted GitLab instance).

2\. Click your avatar at the top right, then click **Edit profile**.

3\. From the left navigation, click **Applications**.

4\. Locate **Linux Foundation EasyCLA** under **Authorized applications**.

5\. To remove EasyCLA's access entirely, click **Revoke**.

{% hint style="info" %}
You can also navigate directly to `https://gitlab.com/-/user_settings/applications` (or your self-hosted GitLab equivalent) to reach this page.
{% endhint %}

{% hint style="warning" %}
Revoking the application immediately disables EasyCLA on every GitLab group and project that the original authorizer added through Project Control Center. Existing CLA signatures remain valid in EasyCLA's database, but new merge requests will not receive a CLA status check until the application is re-authorized.
{% endhint %}

## Add or Remove Projects from CLA Enforcement <a href="#add-or-remove-projects-from-cla-enforcement" id="add-or-remove-projects-from-cla-enforcement"></a>

When EasyCLA is authorized for a GitLab group, it gains access to every project in that group, including projects in subgroups. GitLab does not expose a per-project selector for OAuth applications, so individual project changes happen in Project Control Center rather than in GitLab:

* To **enforce or remove CLA** on individual projects within an already-connected group, see [Enforce or Remove CLA Mechanism from GitLab Projects](/lfx/easycla/v2-current/project-managers/enforce-or-remove-cla-mechanism.md#enforce-or-remove-cla-mechanism-from-gitlab-projects).
* To **add a new GitLab group** to a CLA Group, see [Add GitLab Groups](/lfx/easycla/v2-current/project-managers/add-and-manage-gitlab-groups.md#add-gitlab-groups). Each connected group requires its own authorization step in GitLab.
* To **disconnect an entire GitLab group** from a CLA Group, see [Disassociate GitLab Groups](/lfx/easycla/v2-current/project-managers/add-and-manage-gitlab-groups.md#disassociate-gitlab-groups).

{% hint style="info" %}
If you want EasyCLA to apply to new projects and subgroups automatically as they are created under a connected group, turn on **Auto Enable New Repositories** in [Additional Settings](/lfx/easycla/v2-current/project-managers/add-and-manage-gitlab-groups.md#enable-branch-protection-and-auto-enable-new-repositories).
{% endhint %}

## Re-authorize After a Revoke <a href="#re-authorize-after-a-revoke" id="re-authorize-after-a-revoke"></a>

If the EasyCLA authorization has been revoked in GitLab and you want to re-enable enforcement:

1\. Sign in to [Project Control Center](https://projectadmin.lfx.linuxfoundation.org), open the project, and navigate to **Tools Status > EasyCLA**.

2\. Select the CLA Group and click **Manage**.

3\. Under the **GITLAB** tab, locate the affected group and click **Install GitLab EasyCLA App**.

4\. On GitLab's authorization page, click **Authorize**.

5\. After GitLab shows the success page, close that tab, return to Project Control Center, and click **I'm Done Installing**.

For more detail, see [Add and Manage GitLab Groups](/lfx/easycla/v2-current/project-managers/add-and-manage-gitlab-groups.md#add-gitlab-groups).

## What the Integration Does <a href="#what-the-integration-does" id="what-the-integration-does"></a>

After you authorize the EasyCLA OAuth application, EasyCLA uses the granted scopes to:

* Read the list of projects under each connected group, including subgroups.
* Receive webhook events when a merge request is opened, updated, or commented on.
* Read the list of commit authors on a merge request to determine who must sign the CLA.
* Post a commit status on each merge request indicating whether all contributors have signed.
* Post a comment on the merge request with links to sign or check status.

EasyCLA does **not** modify your source code, branches, or project contents.

## Re-check a Merge Request <a href="#re-check-a-merge-request" id="re-check-a-merge-request"></a>

If a contributor signs the CLA after a merge request has already been opened, the EasyCLA status does not always update on its own. Anyone with access to the merge request can post the comment `/easycla` to trigger a fresh CLA check against the current set of commits.

New merge requests opened after a configuration change are checked automatically; only merge requests that already existed need a manual `/easycla` trigger.

## Apply Changes in Project Control Center <a href="#apply-changes-in-project-control-center" id="apply-changes-in-project-control-center"></a>

After any change on the GitLab side — adding new subgroups, revoking authorization, transferring group ownership — sign in to [Project Control Center](https://projectadmin.lfx.linuxfoundation.org), open **Tools Status > EasyCLA**, and verify that the **GITLAB** tab reflects the expected groups and projects. Enable **Enforce CLA** for any projects that should require contributor sign-off.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.linuxfoundation.org/lfx/easycla/v2-current/project-managers/manage-easycla-gitlab-app.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.