Signup
- Go to auth.zeropath.com/sign-up to create your account
- Choose between:
  - Personal Workspace: Free tier for individual developers
  - Organization: Team workspace with advanced features
Add Your Repo
Give ZeroPath access to scan your code and perform automatic PR reviews.
Connection Method
- GitHub App
- GitHub Token
- GitLab
- Bitbucket
- Public Git URL
- Code Upload
- CLI
Connect GitHub repositories for automated PR reviews and continuous scanning.
Navigate to Add Repositories
Install GitHub App
Click “Install GitHub App” (GitHub App tab should be pre-selected)
Complete GitHub Flow
On GitHub’s side:
- Select your organization
- Choose repositories to grant access to
- Approve the permission set
Wait for Sync
You’ll be redirected back to ZeroPath. Wait for repositories to appear under “Accessible repositories” (syncing indicator will show if still processing)
Add Repositories
Select which repositories to add to ZeroPath, or click “Add All”.
Enable “Auto Add” to automatically add new repositories when you grant access in the future.
Connect GitHub repositories using a personal access token for scanning only.
Token-based connections have limited features: auto PRs, PR checks, and other GitHub flows are not available. Use GitHub App for full functionality.
Navigate to Add Repositories
Use Access Token
Click the “Use An Access Token” button
Enter Token and Repository URL
- Paste your GitHub personal access token
- Enter the full GitHub repository URL (e.g., https://github.com/owner/repo)
Add Repository
Click “Add Repository” to complete the token-based integration
Integrate with GitLab for merge request scanning and pipeline security.
Create GitLab Access Token
Navigate to Add Repositories
Setup GitLab Integration
- Click the “GitLab” tab
- Click “Setup GitLab Integration” button
Configure Integration
- Select token type: Project or Group
- Enter GitLab Domain (e.g., gitlab.com for cloud customers)
- Paste your Access Token
- If using a group token, enter the Group Name
Add Repositories
After configuration, repositories will appear under “Accessible repositories”. Select which repositories to add to ZeroPath.
Option 1: OAuth Integration (Recommended)
Navigate to Add Repositories
Setup Bitbucket Integration
- Click the “Bitbucket” tab
- Click “Setup Bitbucket Integration” button
Complete OAuth Flow
You’ll be redirected to Bitbucket to authorize ZeroPath. This enables full functionality including PR scanning, webhooks, and automated reviews.
Add Repositories
After the OAuth callback, repositories will appear under “Accessible repositories” for selection.
Option 2: Access Token
Create Repository Access Token
In Bitbucket, create a new repository access token with these permissions:
- Repository: Read, Write
- Pull Requests: Read, Write
- Webhooks: Read and Write
Navigate to Add Repositories
Use Access Token
- Click the “Bitbucket” tab
- Click “Use An Access Token” button
- Enter your access token and repository URL
Scan any publicly accessible Git repository by providing its URL.
Navigate to Add Repositories
Select Public Git URL
Click “Public Git URL”
Enter Repository Details
- Enter the public Git repository URL (e.g., https://github.com/user/repo.git)
- Select the branch to scan
- Configure scan settings
Start Scan
Click “Start Scan” to begin the one-time analysis
Upload your codebase as a ZIP file for one-time security analysis.
Prepare ZIP Repository
Ensure you have a real repository packaged as a ZIP file
Navigate to Add Repositories
Upload Repository
- Click “Upload Repository”
- Name your repository in the UI
- Upload the ZIP file (this may take a minute)
Review Basic Settings
Set up your scan preferences:
- Branch Selection: Choose which branch to monitor and ensure it exists
- PR Scanning: Optionally, disable automatic PR Checks (enabled by default)
- Scanner Settings: By default, ZeroPath is configured for SAST, SCA, IaC, and Secrets, with a low confidence permissiveness setting.
Start a Scan
- Review your configuration settings
- Click “Start Scan” to begin analysis
- Your scan will process in the background
Monitor Progress
Track your scan status:
- Scan Status: View progress at zeropath.com/app/scans
- Detailed Logs: Click on the “Running time” to view scan logs
- Notifications: Configure alerts via Slack integration or webhooks
- Estimated Time: Varies by repository size. First-time full scans take longer while indexing the codebase, but subsequent scans are 10x faster
PR scans typically complete in under a minute, while full repository scans may take longer on the first run.
Getting Help