Prerequisites

Required Access Tokens

• GitHub Personal Access Token (Classic): For GitHub pull request code reviews, ensure you have a CLASSIC personal access token with repo access. We do not support fine-grained tokens currently. View Guide

• GitLab Personal Access Token: For GitLab merge request code reviews, a token with API access is required. View Guide

• Bitbucket Access Tokens: For Bitbucket pull request code reviews, you can use any of the following types of access tokens: Repository Access Token, Project Access Token, or Workspace Access Token. All these tokens, available for Bitbucket Cloud, are fully compatible with the AI Code Review Agent.

1. A Repository Access Token grants access to a single repository. To create a token, go to the required repository and click on the left hand side menu Repository Settings and then click on menu Access Token. Click on the button Create Repository Access Token.

   When setting up the token, ensure that the following scopes are selected:

   • Under Webhooks, select Read and write.

   • Under Pull requests, select Write.

   For more information, refer to the guide.

1. A Project Access Token grants access to a single project and its repositories. To create a token, go to the required project and click on the left hand side menu Project Settings and then click on menu Access Token. Click on the button Create Project Access Token.

   When setting up the token, ensure that the following scopes are selected:

   • Under Webhooks, select Read and write.

   • Under Pull requests, select Write.

   For more information, refer to the guide.

1. A Workspace Access Token grants access to a single workspace, including its repositories and projects. To create a token, click on top-right settings icon and then drop-down menu Workspace Settings (as shown in below screenshot). Click on the left hand side menu Access Token and then click on the button Create Workspace Access Token.

When creating a token, ensure that the following scopes are selected:

• Under Webhooks, select Read and write.

• Under Pull requests, select Write.

For more information, refer to the guide.

Single sign-on (SSO) Configuration of Git Access Token

Organization owners and admins can enforce SAML SSO so that all organization members must authenticate via an identity provider (IdP). When you enable SAML SSO, GitHub or GitLab will prompt members who visit the organization's resources on GitHub/GitLab to authenticate on your IdP, which links the member's personal account to an identity on the IdP. You can also enforce SAML SSO for your organization. When you enforce SAML SSO, all members of the organization must authenticate through your IdP to access the organization's resources.

Personal Access Token (classic) in GitHub and Personal Access Token in GitLab are such resources, which also requires a SSO configuration if Organization owners and admins have enforced SAML SSO. You must authorize your personal access token after creation that uses SAML single sign-on (SSO), otherwise, Bito's Code Review Agent won't work.

References:

• https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-saml-singl[…]anization/enforcing-saml-single-sign-on-for-your-organization

• https://docs.github.com/en/enterprise-server@3.9/admin/identity-and-access-managemen[…]prise-iam/configuring-saml-single-sign-on-for-your-enterprise

• https://docs.github.com/en/enterprise-cloud@latest/authentication/authenticating-wit[…]zing-a-personal-access-token-for-use-with-saml-single-sign-on

• https://docs.gitlab.com/ee/user/group/saml_sso/

• https://docs.gitlab.com/ee/integration/saml.html

• https://docs.gitlab.com/ee/integration/saml.html#password-generation-for-users-created-through-saml