# Gecko Security > Gecko Security documentation. ## Docs - [SSO & Login](https://gecko.security/docs/access/okta-saml-onboarding.md): Set up team login in Gecko with Okta SAML, verify the first sign-in, and add SCIM after SSO works. - [API keys](https://gecko.security/docs/admin/api-keys.md): Create and manage keys for the Gecko v1 API. - [Audit log](https://gecko.security/docs/admin/audit-log.md): Review access and configuration events for your team. - [Billing & plans](https://gecko.security/docs/admin/billing.md): Plans, usage, and where to manage your subscription. - [API reference](https://gecko.security/docs/api-reference/introduction.md): Authenticate with a Gecko API key, understand team scope and rate limits, and start using the v1 API. - [List repositories](https://gecko.security/docs/api-reference/repositories/list-repositories.md): Returns repositories for the team attached to your API key. - [List vulnerabilities for a repository](https://gecko.security/docs/api-reference/repositories/list-vulnerabilities-for-a-repository.md): Returns vulnerabilities for the repository path in `repositoryId`. URL-encode the repository path before you send it. For example, use `gecko-security%2FPaperbaum` for `gecko-security/Paperbaum`. - [Get scan endpoint definitions](https://gecko.security/docs/api-reference/scans/get-scan-endpoint-definitions.md): Returns the scan endpoint definition that Gecko stored for the scan. Gecko returns the raw value and a parsed object when the stored format is JSON. - [Get scan wiki markdown](https://gecko.security/docs/api-reference/scans/get-scan-wiki-markdown.md): Returns the generated scan summary as Markdown. Gecko uses the stored summary string directly when it is already Markdown and builds Markdown from the structured summary payload otherwise. - [Launch a scan](https://gecko.security/docs/api-reference/scans/launch-a-scan.md): Starts a new scan for a GitLab repository that the team can access. This route requires a key whose role includes the `scans.run` permission, a configured team GitLab integration, and available scan capacity on the current plan. Gecko resolves the target branch in this order: request `branch`, branc… - [List scans](https://gecko.security/docs/api-reference/scans/list-scans.md): Returns scans for the team attached to your API key. This route requires a key whose role includes the `scans.read` permission. - [List vulnerabilities for a scan](https://gecko.security/docs/api-reference/scans/list-vulnerabilities-for-a-scan.md): Returns vulnerabilities for a specific scan in the team attached to your API key. - [Check API health](https://gecko.security/docs/api-reference/utility/check-api-health.md): Returns the current API health status and the list of public `v1` endpoints. This endpoint does not require authentication. - [List vulnerabilities across the active team](https://gecko.security/docs/api-reference/vulnerabilities/list-vulnerabilities-across-the-active-team.md): Returns vulnerabilities across all scans that belong to the team attached to your API key. - [Changelog](https://gecko.security/docs/changelog.md): Product and documentation updates for Gecko Security. - [ClickUp](https://gecko.security/docs/clickup-integration.md): Create ClickUp tasks for Gecko findings. - [Endpoints & API spec](https://gecko.security/docs/concepts/api-spec.md): The HTTP attack surface Gecko discovers in your application. - [Findings](https://gecko.security/docs/concepts/findings.md): How Gecko scores, proves, and de-duplicates vulnerabilities. - [Repository wiki](https://gecko.security/docs/concepts/repository-wiki.md): The AI-generated map of your codebase that powers accurate analysis. - [Scans](https://gecko.security/docs/concepts/scans.md): Deep scans vs PR scans, single- vs multi-repo, and scheduled runs. - [Connect GitHub](https://gecko.security/docs/connect/github.md): Install the Gecko GitHub App for GitHub.com, or connect GitHub Enterprise Server with a token. - [Connect GitLab](https://gecko.security/docs/connect/gitlab.md): Connect GitLab.com, self-managed GitLab, or GitLab Dedicated with an access token. - [Network & IP allowlist](https://gecko.security/docs/connect/network-allowlist.md): The IP addresses to allow if your GitLab or GitHub Enterprise instance restricts access by IP. - [Public URLs & ZIP uploads](https://gecko.security/docs/connect/other-inputs.md): Scan code without connecting a provider. Ideal for evaluation and open source. - [Webhooks](https://gecko.security/docs/connect/webhooks.md): Events, secrets, and signature verification for GitHub, GitHub Enterprise, and GitLab. - [Deployment models](https://gecko.security/docs/deployment/architecture.md): How Gecko runs: cloud SaaS and hybrid, and what that means for network access. - [Findings & remediation](https://gecko.security/docs/findings-remediation.md): Triage Gecko findings, request a fix, and verify the result with a rescan. - [GitLab vulnerability export](https://gecko.security/docs/gitlab-vulnerability-export.md): Surface Gecko findings in GitLab's native Security Dashboard. - [How Gecko works](https://gecko.security/docs/how-gecko-works.md): What a scan produces, and how Gecko proves a vulnerability is real. - [Gecko Security](https://gecko.security/docs/index.md): An AI security engineer that finds real, exploitable vulnerabilities in your code, and ships the fix. - [Integrations](https://gecko.security/docs/integrations.md): Connect Gecko to source control, issue trackers, and notifications. - [Jira](https://gecko.security/docs/jira-integration.md): File Gecko findings as Jira issues and keep status in sync. - [Linear](https://gecko.security/docs/linear-integration.md): Push Gecko findings into your Linear backlog with the right priority. - [Quick start](https://gecko.security/docs/quick-start.md): Connect a repository, run your first scan, and review real findings in minutes. - [Auto-fix PRs](https://gecko.security/docs/remediation/auto-fix-prs.md): Ship Gecko's suggested patch as a pull request or a commit to an existing PR. - [Scanner settings](https://gecko.security/docs/scanner-settings.md): Where to configure scan behavior, schedules, rules, and integrations. - [Pull request checks](https://gecko.security/docs/scanning/pr-checks.md): Scan every pull and merge request, post a review summary, and block risky merges. - [Rules](https://gecko.security/docs/scanning/rules.md): Tune which findings surface for your team. - [Run a scan](https://gecko.security/docs/scanning/run-a-scan.md): Start a baseline scan and read the results. - [Scheduled scans](https://gecko.security/docs/scanning/scheduled-scans.md): Keep the baseline fresh with recurring full scans. - [Shortcut](https://gecko.security/docs/shortcut-integration.md): Route Gecko findings into Shortcut stories. - [Slack](https://gecko.security/docs/slack-integration.md): Get scan notifications and remediation nudges in the right channels. - [Teams & permissions](https://gecko.security/docs/teams-permissions.md): Roles, the permission matrix, and how to invite your team. ## OpenAPI Specs - [openapi](https://gecko.security/docs/api-reference/openapi.json) ## Optional - [Dashboard](https://app.gecko.security)