Skip to main content

Enforcing policies for GitHub Copilot in your enterprise

You can enforce policies for GitHub Copilot Business within your enterprise's organizations, or allow policies to be set in each organization.

Who can use this feature?

Enterprise owners can enforce policies for GitHub Copilot Business in an enterprise.

GitHub Copilot can be managed through personal accounts with GitHub Copilot Individual or through organization or enterprise accounts with GitHub Copilot Business.

About policies for GitHub Copilot in your enterprise

GitHub Copilot is an AI-powered coding assistant that helps developers write code faster. GitHub Copilot is available through GitHub personal accounts with GitHub Copilot Individual or through organization or enterprise accounts with GitHub Copilot Business.

You can enforce policies for GitHub Copilot Business within your enterprise's organizations, or allow policies to be set in each organization.

If you set up a subscription for GitHub Copilot Business, you can grant and revoke access to GitHub Copilot for organizations within your enterprise. Once you grant an organization access to GitHub Copilot, the admins of that organization can grant access to individuals and teams. For more information, see "Managing Copilot Business."

GitHub Copilot Business subscriptions are billed monthly, based on the number of GitHub Copilot seats assigned to users within your enterprise. For more information, see "About billing for GitHub Copilot."

Wherever a restrictive policy has been chosen at the enterprise level, an organization owner will not be able to select a more permissive policy at the organization level. In cases where no policy is selected at the enterprise level, and multiple organizations within the enterprise have chosen different policies, the most restrictive policy will always take precedence.

Enforcing a policy to manage the use of GitHub Copilot Business in your enterprise

Enterprise owners can choose whether to grant access to GitHub Copilot for all, none, or a selection of organizations within the enterprise.

  1. In the enterprise account sidebar, click Policies.

  2. Under " Policies", click Copilot.

  3. Under "Manage organization access to GitHub Copilot," configure the access for your GitHub Copilot subscription.

    • To disable GitHub Copilot for all organizations in your enterprise, select Disabled.
    • To enable GitHub Copilot for all organizations in your enterprise, both current and future, select Allow for all organizations.
    • To enable GitHub Copilot for specific organizations, select Allow for specific organizations.
  4. If you selected Allow for specific organizations, select the organizations you want to enable GitHub Copilot for. Alternatively, you can select the organizations you want to disable GitHub Copilot access for.

    • Click the Set organization permissions dropdown and select Enable or Disable to grant or deny GitHub Copilot access for the specified organizations.

    Screenshot of the GitHub Copilot policy page. The organization permissions dropdown is outlined in dark orange.

  5. Review your selection.

    • If you selected Disable, you will see a warning that disabling GitHub Copilot will revoke access for all organizations and members. To confirm, click Confirm and save.
    • If you selected Allow for all organizations or Allow for specific organizations, click Save.

Enforcing a policy to manage the use of GitHub Copilot suggestions that match public code in your enterprise

GitHub Copilot includes a filter which detects code suggestions that match public code on GitHub. GitHub Copilot Business lets you choose whether to enable or disable the filter at the enterprise level, or allow organization owners to decide at the organization level. When the filter is enabled, GitHub Copilot checks code suggestions with their surrounding code of about 150 characters against public code on GitHub. If there is a match or near match, the suggestion will not be shown.

  1. In the enterprise account sidebar, click Policies.

  2. Under " Policies", click Copilot.

  3. Under "Suggestions matching public code," click the dropdown menu and select the policy you want to enforce.

    • To allow GitHub Copilot suggestions matching public code, select Allowed.
    • To block GitHub Copilot suggestions matching public code, select Blocked.
    • To allow each of your organizations to set their own policy on the use of GitHub Copilot suggestions matching public code, select No policy (let each organization decide).

    Screenshot of the GitHub Copilot policy page. The dropdown menu of suggestions that match public code settings is outlined in dark orange.

Enforcing a policy to manage the use of GitHub Copilot Chat in your enterprise

GitHub Copilot Chat is a feature that allows users to chat with GitHub Copilot to get code suggestions and answers to coding-related questions. You can enable or disable GitHub Copilot Chat for organizations under your enterprise. Alternatively, you can allow organization owners to select their own policy to determine access to GitHub Copilot Chat for each organization. For more information, see "About GitHub Copilot Chat."

  1. In the enterprise account sidebar, click Policies.
  2. Under " Policies", click Copilot.
  3. Under "GitHub Copilot Chat," click the dropdown menu and select the policy you want to enforce.
    • To allow GitHub Copilot Chat use, select Allowed.
    • To block GitHub Copilot Chat use, select Blocked.
    • To allow each of your organizations to set their own policy on the use of GitHub Copilot Chat, select No policy (let each organization decide).

Further reading