Skip to main content

Managing policies for Copilot in your organization

Learn how to manage policies for GitHub Copilot in your organization.

Who can use this feature?

Organization owners

Organizations with a subscription to GitHub Copilot Business or GitHub Copilot Enterprise

About policies for GitHub Copilot

Organization owners can set policies to govern how GitHub Copilot can be used within the organization. For example, an organization owner can enable or disable the following Copilot features:

  • Copilot in GitHub.com
  • Copilot Chat in the IDE
  • Copilot Chat in GitHub Mobile
  • Copilot in the CLI
  • Suggestions matching public code

The policy settings selected by an organization owner determine the behavior of GitHub Copilot for all organization members that have been granted access to Copilot through the organization.

Policies for suggestion matching

Organization settings include an option to either allow or block code suggestions that match publicly available code. If you choose to block suggestions matching public code, GitHub Copilot will check potential code suggestions and the surrounding code of about 150 characters against public code on GitHub. If there is a match, or a near match, the suggestion is not shown.

Enabling Copilot features in your organization

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

  2. Next to the organization, click Settings.

  3. In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.

  4. Use the dropdown options to the right of each feature to enable or disable that feature for your organization.

    For example, to enable or disable suggestion matching, in the "Suggestions matching public code" dropdown, select Allowed or Blocked.

  5. If your organization has a Copilot Business subscription and you enable "Copilot in GitHub.com", two additional options are displayed:

Setting a policy for GitHub Copilot Extensions in your organization

Note

GitHub Copilot Extensions is in beta and subject to change.

GitHub Copilot Extensions integrate external tools with GitHub Copilot Chat. See "Using extensions to integrate external tools with Copilot Chat."

Before you install Copilot Extensions in your organization, you should set a usage policy for your organization. Setting a usage policy allows you to enable or disable Copilot Extensions for all members of your organization, limiting your security risk.

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
  2. Next to the organization, click Settings.
  3. In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.
  4. In the "Copilot Extensions" section, select the dropdown menu, then enable or disable Copilot Extensions for your organization.

Managing permissions for a GitHub Copilot Extension in your organization

After you have installed a Copilot Extension in your organization, you can view the permissions the extension has in your organization, and why those permissions are necessary. If you do not want the Copilot Extension to have the listed permissions, you can suspend or uninstall the extension.

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
  2. Next to the organization, click Settings.
  3. In the sidebar, under "Third-party Access," click GitHub Apps. A list of the GitHub Apps installed on your organization will be displayed.
  4. Optionally, to filter your installed GitHub Apps for Copilot Extensions, select the Filter: dropdown menu, then click Copilot Extensions.
  5. Next to the Copilot Extension you want to review or modify, click Configure.
  6. In the "Permissions" section, review the permissions listed for the Copilot Extension. Optionally, you can block the Copilot Extension's access to your organization in one of two ways:
    • To indefinitely suspend the Copilot Extension's access to resources in your organization while keeping the extension installed, in the "Danger zone" section, click Suspend.
    • To uninstall a Copilot Extension completely, in the "Danger zone" section, click Uninstall.

Further reading