
Getting Started with The One Code

This guide walks you through connecting your first organization and getting your repositories backed up, analyzed, and documented.

Prerequisites

Before you begin:

  • You have a Hub account with Admin or Owner role
  • You have access to a GitHub organization, GitLab group, or Azure DevOps organization
  • For GitHub: you have permission to install third-party GitHub Apps on that organization

  1. Sign in to any One Stack product (or go to my.theonestack.com)
  2. Click the grid icon (waffle menu) in the top-left corner
  3. Under the Intelligence section, click Code
  4. You'll land at app.theonecode.app

💡 You can also navigate directly to app.theonecode.app. Your Hub session carries over automatically — no separate login required.

Initial Setup Checklist

| Step | Description | Required |
|---|---|---|
| Connect organization | Link GitHub, GitLab, or Azure DevOps | Yes |
| Verify repo sync | Confirm all repos were discovered | Yes |
| Configure backup schedule | Set hourly, daily, or weekly | Recommended |
| Set retention period | Default is 90 days | Recommended |
| Trigger initial analysis | Start AI documentation and security scan | Recommended |
| Configure integrations | Link PSA and CMDB | Optional |

Key Concepts

Organization (Org) — A GitHub organization, GitLab group, or Azure DevOps organization that you've connected to The One Code. One MSP tenant can connect multiple orgs, spanning multiple client environments.

Repository — An individual code repository within a connected org. Each repo gets its own backup history, application profile, security scan results, and generated documentation.

Application Profile — An AI-analyzed summary of a repository: detected app type (web-app, API, library, CLI, etc.), tech stack, frameworks, languages, health score, dependency counts, and commit activity.

Health Score — A 0–100 score computed from five signals: commit recency, open issue count, dependency freshness, security findings, and CI/CD presence. Scores above 70 are healthy; 40–70 are warning; below 40 are critical.

Technical Debt Score — A 0–100 score (higher = more debt) across seven categories: code quality, dependency health, documentation, test coverage, architecture, security, and CI/CD health.

Backup Job — A queued task that copies a repository's git data, issues, PRs, wiki, releases, and workflow files to Azure Blob Storage. Full backups capture everything; incremental backups capture only what changed.

SBOM — Software Bill of Materials. A complete list of all direct and transitive dependencies with version, ecosystem, license, and known CVEs.

Compliance Evidence — Data collected from your repositories and org settings that maps to specific controls in SOC 2 or ISO 27001. The One Code collects evidence automatically; you download or share the report.

Handoff Package — A curated bundle containing all AI-generated documentation for a repository, plus a list of critical files, known issues, and suggested first tasks for an incoming developer or client team.

Connecting Your First Organization

GitHub

The GitHub connection uses a GitHub App installation, which is more secure and more capable than OAuth tokens. The app uses RS256 JWT authentication and never stores your GitHub credentials.

Step 1: Start the connection

  1. From The One Code, click Connect Organization (or navigate to Organizations → Connect)
  2. Select GitHub as the provider
  3. Click Install GitHub App
  4. You'll be redirected to GitHub

Step 2: Install the GitHub App on GitHub

  1. On the GitHub App installation page, choose whether to install on your entire organization or selected repositories
  2. Click Install (or Install & Authorize)
  3. GitHub redirects you back to The One Code automatically

Step 3: Confirm the connection

Back in The One Code, you'll see:

  • The organization name and avatar
  • A count of discovered repositories
  • Backup jobs queued for all repositories (this starts immediately)
â„šī¸Repository discovery and initial backup queuing happen automatically during the connection flow. You don't need to trigger anything manually — by the time you see the confirmation screen, backups are already running.

What the GitHub App accesses:

  • Repository contents (read) — for backup, documentation, and scanning
  • Organization members — for access audits
  • Repository metadata — branches, settings, protection rules
  • Issues and pull requests — included in backup bundles
  • Webhooks — to detect new repos added to the org after connection
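One way to check what an installed app was actually granted against the access list above. This is an added example, not The One Code's or GitHub's own code. It assumes the installation objects come from GitHub's `GET /orgs/{org}/installations` endpoint; the mapping from the list to permission keys and read-only levels is an assumption (the page states "read" only for repository contents), and the sample data and the app slug `example-backup-app` are constructed.

```python
import json

# Assumption: permission keys and levels matching the page's access list.
# Only "contents: read" is stated on the page; the other levels are this
# example's least-privilege assumption for a backup and analysis tool.
EXPECTED = {
    "contents": "read",
    "metadata": "read",
    "members": "read",
    "issues": "read",
    "pull_requests": "read",
    "administration": "read",  # assumed: needed to read protection rules
}
LEVELS = {"read": 1, "write": 2, "admin": 3}

def audit_installation(inst, expected=EXPECTED):
    """Return findings for one installation object."""
    findings = []
    granted = inst.get("permissions", {})
    for perm, level in sorted(granted.items()):
        want = expected.get(perm)
        if want is None:
            findings.append(f"unexpected permission: {perm}={level}")
        elif LEVELS.get(level, 99) > LEVELS[want]:
            findings.append(f"broader than documented: {perm}={level} (expected {want})")
    for perm in sorted(set(expected) - set(granted)):
        findings.append(f"documented but not granted: {perm}")
    if inst.get("repository_selection") == "all":
        findings.append("installed on all repositories, including future ones")
    return findings

def audit_all(doc):
    """Map each app slug to its findings."""
    return {i["app_slug"]: audit_installation(i) for i in doc["installations"]}

# Constructed sample shaped like the installations listing (not real data).
SAMPLE = json.loads("""
{"total_count": 1, "installations": [{
  "id": 1, "app_slug": "example-backup-app",
  "repository_selection": "all",
  "permissions": {"contents": "read", "metadata": "read", "members": "read",
                  "issues": "write", "pull_requests": "read",
                  "workflows": "write"},
  "events": ["repository"]}]}
""")

if __name__ == "__main__":
    for slug, findings in audit_all(SAMPLE).items():
        for finding in findings:
            print(f"{slug}: {finding}")
```

Adjust `EXPECTED` to the permissions shown on the GitHub App installation page in Step 2, then run the audit again after any app update that requests new permissions.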

GitLab

  1. Click Connect Organization and select GitLab
  2. You'll be redirected to GitLab's OAuth consent page
  3. Authorize The One Code to access your groups and repositories
  4. After redirect, select which GitLab group to connect
  5. Click Complete Connection

GitLab connections use OAuth tokens stored encrypted. Tokens are refreshed automatically.

Azure DevOps

  1. Click Connect Organization and select Azure DevOps
  2. You'll be redirected to Microsoft's OAuth consent page
  3. Authorize The One Code to access your Azure DevOps organization
  4. After redirect, select which organization to connect
  5. Click Complete Connection

Verifying the Connection

After connecting, go to Organizations to see your connected orgs. Each org card shows:

  • Repo count — total active repositories
  • Backup errors — repositories with failed backups (should be 0)
  • Last sync — when The One Code last checked for new/removed repos
  • Status badge — Active, Disconnected, or Error

Click on an organization to drill into individual repositories.

Configuring Backup Settings

From the organization detail page, click Settings (or Edit) to configure:

Backup Schedule

  • hourly — Backup runs every hour. Best for active development environments or compliance-sensitive clients.
  • daily — Backup runs once per day at a scheduled time. Recommended default.
  • weekly — Backup runs once per week. Suitable for archived or low-change repositories.

Retention Period

The number of days to keep backup snapshots before they expire. Default is 90 days. Increase for compliance requirements (SOC 2 commonly needs 1 year).

You can also configure per-repository settings by clicking into an individual repo and selecting Settings:

  • Override the backup schedule for just that repo
  • Set a data classification (public, internal, confidential, restricted)
  • Add an owner name and business purpose description
  • Enable on-push backups in addition to scheduled backups

Triggering Your First Analysis

Repository backup happens automatically. AI analysis and documentation generation do not run automatically on first connect — you initiate them after backup completes:

  1. Go to Portfolio and find a repository with status Backed Up
  2. Click into the repository detail page
  3. Click Generate Documentation to start the AI documentation pipeline
  4. Click Analyze Tech Debt to start the debt scoring pipeline
  5. Click Scan for Secrets to trigger the secret scan

Each pipeline runs in the background. Documentation generation typically takes 2–5 minutes per repository. Progress is visible on the repository detail page.

💡 If you want to analyze your whole org at once, go to the Organization detail page and click Analyze All Repos. This queues analysis for every repository in the org.

Next Steps