'App' style integration option?

I want to make a Gitlab integration that is as seemless (from the user standpoint) as your traditional github app. For example, I have created an App and the user merely visits the right gh-hosted URL, clicks ‘install’, and from then on all of the user’s repositories have implicit webhooks that send events to my designated server. Thus, the user does not need to manually deal with webhook urls for each of their projects or even a single time globally for the account - it’s implicit in the click of a button.

So the integration options I see are:

  • webhooks - by their very nature, they are a per-project and demand the user copy and past URLs into their repo settings. Not friendly. EDIT: Also this is insufficient since it must be paired with a bot-specific account using the gitlab api to inject comments back into the project’s issue tracker.
  • Gitlab API - This is sort of a Swiss army knife solution. Presumably the user could provide my service with OAuth and I could then install the webhooks on their behalf. How they provide me with an oauth token and why they’d want to give out this level of trust is an open question. EDIT: This alone is insufficient since there is no “push” of events without the previously-mentioned webhooks.
  • Integrations - Now we’re getting closer to something more workable, but the cost is much higher than the comparable ‘app’ iiuc.

Do we have a middle ground here?