Click Get Started with Code Review to open the setup wizard.
3
Choose provider
Select GitHub, GitLab, Bitbucket, or Azure DevOps as your Git provider.
4
Authenticate
GitHub
GitLab (OAuth)
GitLab (Access Token)
Bitbucket (OAuth)
Bitbucket (Access Token)
Azure DevOps
Click Install GitHub App to begin the GitHub App installation.You will be redirected to GitHub to select an organization and grant repository access. After authorizing, you are returned to the setup wizard automatically.
Installing CloudThinker to a GitHub Organization requires Organization Owner permissions. If you are not an owner, please request an owner to install the app.
GitHub webhooks are registered automatically by the GitHub App — no manual webhook configuration is needed.
Click Connect to GitLab to authenticate via OAuth. This is the simplest option for GitLab.com users.After connecting, you will need to configure a webhook manually.
Use a Project Access Token or Group Access Token for self-hosted GitLab instances or if you prefer manual token management.Why use Project/Group tokens?
Comments appear from a bot user, not your personal account
Tokens are scoped to specific projects or groups
Easier to manage and revoke access
Connection Details:
GitLab URL: Enter https://gitlab.com for GitLab.com, or your self-hosted instance URL (e.g., https://gitlab.example.com)
Token Type: Select Project Access Token (single project) or Group Access Token (all projects in a group)
Access Token: Paste your generated token
Self-Hosted GitLab Support: CloudThinker supports GitLab self-hosted instances running version 12.0 and above.
How to create a Project Access Token
Go to your project → Settings → Access Tokens
Click Add new token
Set role to Developer or higher
Select scope: api
Set an expiration date (recommended)
Copy the generated token
How to create a Group Access Token
Go to your group → Settings → Access Tokens
Click Add new token
Set role to Developer or higher
Select scope: api
Set an expiration date (recommended)
Copy the generated token
Role Requirements: The token must have Developer role or higher to post code review comments. Guest and Reporter roles cannot post comments on merge requests.
Click Connect to Bitbucket to authenticate via OAuth. You will be redirected to Bitbucket to authorize workspace access.
Bitbucket webhooks are registered automatically — no manual webhook configuration is needed.
Connect using a Bitbucket Access Token. Choose the token type that matches your access level:
Token Type
Scope
Plan Required
Workspace Access Token
All repositories in a workspace
Premium
Project Access Token
All repositories in a project
Premium
Repository Access Token
Single repository only
Free
Connection Details:
Token Type: Select the token scope from the dropdown
Bitbucket Workspace: Enter your workspace slug (from the URL: bitbucket.org/<workspace>/repo)
Repository Slug (Repository tokens only): Enter the repository slug
Access Token: Paste your generated token
Click Validate Token first to verify access, then click Connect to complete.Required Token Permissions:
Account: Read
Repositories: Read, Write
Pull requests: Read, Write
Webhooks: Read and write
Pipelines: Read, Write
How to create a Workspace Access Token
Go to Workspace → Settings → Access tokens
Click Create workspace access token
Enable the required permissions listed above
Set an expiration date (recommended)
Copy the generated token
How to create a Project Access Token
Go to Project → Project settings → Access tokens
Click Create project access token
Enable the required permissions listed above
Set an expiration date (recommended)
Copy the generated token
How to create a Repository Access Token
Go to Repository → Repository settings → Access tokens
Click Create Repository Access Token
Enable the required permissions listed above
Set an expiration date (recommended)
Copy the generated token
Bitbucket webhooks are registered automatically — no manual webhook configuration is needed.
Azure DevOps uses a Personal Access Token (PAT) for authentication.Connection Details:
Organization URL: Enter your Azure DevOps organization URL (e.g., https://dev.azure.com/your-org or https://your-org.visualstudio.com)
Project: Enter the project name containing your repositories
Personal Access Token: Paste your generated PAT
Click Validate PAT first to verify access, then click Connect to complete.Required PAT Scopes:
Build — Read
Code — Read & Write
Pull Request Threads — Read & Write
How to create a PAT
Go to Azure DevOps → User Settings (top-right) → Personal Access Tokens
Click New Token
Set the organization and expiration date
Select the scopes listed above
Click Create and copy the generated token
PATs expire based on the expiration date you set during creation. Set a reminder to rotate your PAT before it expires to avoid disrupting code reviews.
CloudThinker offers two review modes that you can configure per repository:
Mode
Description
Fast
Quick analysis, lower cost. Ideal for small PRs and rapid feedback.
Advanced
Deep analysis with specialists. The review is split across specialist agents for security, performance, correctness, and patterns. Best for critical repositories.
You can switch between modes in your repository settings at any time.
CloudThinker can monitor your CI/CD pipelines for failures and automatically analyze failed job logs.When a pipeline fails, CloudThinker:
Detects the failed pipeline run
Fetches and analyzes the failed job logs with AI
Posts findings and suggested fixes directly on the PR
Pipeline monitoring can be toggled on or off per workspace. It is enabled by default.For Azure DevOps, CloudThinker monitors build.complete events alongside pull request events (git.pullrequest.created, git.pullrequest.updated) to detect failures and analyze logs automatically.
Control which MRs/PRs CloudThinker reviews using label, author, and branch filters. Filters are configured per-repository in your repository settings after setup is complete.
Label filters: Include or exclude PRs with specific labels
Author filters: Include or exclude specific authors from reviews
Branch filters: Include or exclude branches matching specific patterns (filters by target branch — the branch being merged into)
Exclude filters are checked first. Include filters must all pass. PRs that match an exclude filter are marked as FILTERED and skipped entirely.
When you push new commits to an open PR, CloudThinker performs an incremental review — only the new changes are analyzed, not the entire PR. This keeps reviews fast and focused on what actually changed.
