How to let one client access another client's api in keycloak

I have two applications secured by keycloak via openid connect.
e.g. my application and a gitlab.
Now I want to let my application access the gitlab’s API
the doc is really not friendly for a new starter.
I am still not quite understand how to do it.
we need to register the gitlab’s API as resource ? then let my application visit the resource on keycloak ?

per gitlab’s document, it has 3 authorization ways to use API:

I know that the keycloak can generate the access_token for the client.
how does the client to use the keycloak’s access_token to access the gitlab’s API ? the gitlab retrieve the access_token from client and then verify it via keycloak ?