Configuring your proxy server or firewall for Copilot

You should allow certain traffic through your firewall or proxy server for Copilot to work as intended.

Who can use this feature?

Proxy server maintainers or firewall maintainers

GitHub Copilot Individual, GitHub Copilot Business, or GitHub Copilot Enterprise.

In this article

If your company employs security measures like a firewall or proxy server, you should add the following URLs, ports, and protocols to an allowlist to ensure Copilot works as expected:

Domain and/or URLPurpose
https://github.com/login/*Authentication
https://api.github.com/userUser Management
https://api.github.com/copilot_internal/*User Management
https://copilot-telemetry.githubusercontent.com/telemetryTelemetry
https://default.exp-tas.comTelemetry
https://copilot-proxy.githubusercontent.comAPI service for Copilot suggestions
https://origin-tracker.githubusercontent.comAPI service for Copilot suggestions
https://*.githubcopilot.com1API service for Copilot suggestions
https://*.individual.githubcopilot.com2API service for Copilot suggestions
https://*.business.githubcopilot.com3API service for Copilot suggestions
https://*.enterprise.githubcopilot.com4API service for Copilot suggestions

Depending on the security policies and editors your organization uses, you may need to allowlist additional domains and URLs. For more information on specific editors, see "Further reading."

Every user of the proxy server or firewall also needs to configure their own environment to connect to Copilot. See "Configuring network settings for GitHub Copilot."

Further reading

Footnotes

  1. Allows access to authorized users regardless of Copilot subscription. Do not add this URL to your allowlist if you are using subscription-based network routing. For more information on subscription-based network routing, see "Managing GitHub Copilot access to your enterprise's network."

  2. Allows access to authorized users via a Copilot Individual subscription. Do not add this URL to your allowlist if you are using subscription-based network routing.

  3. Allows access to authorized users via a Copilot Business subscription. Do not add this URL to your allowlist if you want to use subscription-based network routing to block users from using Copilot Business on your network.

  4. Allows access to authorized users via a Copilot Enterprise subscription. Do not add this URL to your allowlist if you want to use subscription-based network routing to block users from using Copilot Enterprise on your network.