gitlab-mcp
by mcpland
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| SSE | No | Enable legacy SSE endpoints | false |
| NO_PROXY | No | Comma-separated hosts to bypass proxy | |
| HTTP_HOST | No | HTTP bind host | 127.0.0.1 |
| HTTP_PORT | No | HTTP server port | 3333 |
| HTTP_PROXY | No | HTTP proxy for outbound requests | |
| HTTPS_PROXY | No | HTTPS proxy for outbound requests | |
| MAX_SESSIONS | No | Maximum concurrent sessions | 1000 |
| USE_PIPELINE | No | Enable pipeline tools | true |
| USE_MILESTONE | No | Enable milestone tools | true |
| GITLAB_API_URL | No | Base API URL for GitLab instance | https://gitlab.com/api/v4 |
| MCP_SERVER_URL | No | Public base URL for download proxy | |
| USE_GITLAB_WIKI | No | Enable wiki tools | true |
| GITLAB_JOB_TOKEN | No | CI job token fallback | |
| GITLAB_MCP_OAUTH | No | Enable MCP OAuth discovery/proxy endpoints | false |
| GITLAB_USE_OAUTH | No | Set to 'true' to use OAuth 2.0 PKCE authentication | |
| GITLAB_TOKEN_FILE | No | Path to file containing token | |
| GITLAB_USER_AGENT | No | Custom User-Agent for GitLab requests | |
| GITLAB_CA_CERT_PATH | No | Custom CA certificate path (PEM) | |
| GITLAB_TOKEN_SCRIPT | No | Path to external script to resolve token | |
| GITLAB_ALLOWED_TOOLS | No | Comma-separated list of allowed tool names | |
| GITLAB_RESPONSE_MODE | No | Response format: json, compact-json, or yaml | json |
| OAUTH_STATELESS_MODE | No | Use stateless Streamable HTTP | false |
| REMOTE_AUTHORIZATION | No | Require per-request token headers in HTTP mode | false |
| GITLAB_READ_ONLY_MODE | No | Enable read-only mode | false |
| GITLAB_HTTP_TIMEOUT_MS | No | Upstream GitLab HTTP timeout in milliseconds | 20000 |
| GITLAB_OAUTH_CLIENT_ID | No | OAuth application client ID (required if GITLAB_USE_OAUTH=true) | |
| GITLAB_AUTH_COOKIE_PATH | No | Path to Netscape cookie file for cookie-based auth | |
| MAX_REQUESTS_PER_MINUTE | No | Per-session rate limit | 300 |
| SESSION_TIMEOUT_SECONDS | No | Idle session timeout in seconds | 3600 |
| GITLAB_CLOUDFLARE_BYPASS | No | Add browser-like headers for Cloudflare-protected instances | false |
| GITLAB_ERROR_DETAIL_MODE | No | Error verbosity: safe or full | safe |
| GITLAB_DENIED_TOOLS_REGEX | No | Regex pattern to deny tools | |
| GITLAB_MAX_RESPONSE_BYTES | No | Maximum response payload size in bytes | 200000 |
| GITLAB_OAUTH_REDIRECT_URI | No | OAuth redirect URI | http://127.0.0.1:8765/callback |
| GITLAB_ALLOWED_PROJECT_IDS | No | Comma-separated list of allowed project IDs | |
| GITLAB_OAUTH_CLIENT_SECRET | No | OAuth client secret for confidential apps | |
| GITLAB_MAX_LOCAL_FILE_BYTES | No | Maximum local file size for downloads | 250000000 |
| GITLAB_DISABLED_CAPABILITIES | No | Comma-separated capabilities to disable | |
| GITLAB_DOWNLOAD_TOKEN_SECRET | No | Secret for short-lived download proxy URLs | |
| GITLAB_PERSONAL_ACCESS_TOKEN | No | Personal access token for GitLab authentication | |
| GITLAB_DOWNLOAD_TOKEN_TTL_SECONDS | No | Lifetime of download proxy URLs in seconds | 300 |
| GITLAB_ALLOW_GRAPHQL_WITH_PROJECT_SCOPE | No | Keep GraphQL tools enabled when project scope restriction is active | false |
Capabilities
Server capabilities have not been inspected yet.
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
No tools | |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mcpland/gitlab-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server