Managing policies for Copilot in your organization

About policies for GitHub Copilot

Organization owners can set policies to govern how GitHub Copilot can be used within the organization. For example, an organization owner can enable or disable the following Copilot features (unless an enterprise owner has blocked access to these features at the enterprise level):

• Copilot in GitHub.com (if your organization has a Copilot Enterprise subscription)
• Copilot Chat in the IDE
• Copilot Chat in GitHub Mobile
• Copilot in the CLI
• Suggestions matching public code

The policy settings selected by an organization owner determine the behavior of GitHub Copilot for all organization members that have been granted access to Copilot through the organization.

Copilot policies are also managed at the enterprise level. If your organization is part of an enterprise, and explicit settings have been selected at the enterprise level, you cannot override those settings at the organization level. For more information on managing policies at the enterprise level, see "Managing policies and features for Copilot in your enterprise."

Policies for suggestion matching

Organization settings include an option to either allow or block code completion suggestions that match publicly available code. If you choose to block suggestions matching public code, GitHub Copilot will check potential code completion suggestions and the surrounding code of about 150 characters against public code on GitHub. If there is a match, or a near match, the suggestion is not shown.

If your enterprise admin has selected No policy for suggestion matching at the enterprise level, you can set a suggestion matching policy for your organization.

If an organization member is assigned a seat by multiple organizations with different suggestion matching policies under the same enterprise, GitHub Copilot will use the most restrictive policy.

Enabling Copilot features in your organization

1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

2. Next to the organization, click Settings.

3. In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.

4. Use the dropdown options to the right of each feature to enable or disable that feature for your organization.

   For example, to enable or disable suggestion matching, in the "Suggestions matching public code" dropdown, select Allowed or Blocked.

5. If your organization has a Copilot Enterprise subscription and you enable Copilot in GitHub.com, two additional options are displayed. Depending on your enterprise settings, you may be able to change the settings for these options.

   • Give Copilot access to Bing: Select this check box to allow Copilot Chat to use Bing search results to provide information for its responses. For more information, see "Asking GitHub Copilot questions in GitHub.com."

   • Opt in to user feedback collection: Select this check box to allow users to provide feedback on Copilot pull request summaries. For more information, see "Creating a pull request summary with GitHub Copilot."

Setting a policy for GitHub Copilot Extensions in your organization

GitHub Copilot Extensions integrate external tools with GitHub Copilot Chat. See "Using extensions to integrate external tools with Copilot Chat."

Before you install Copilot Extensions in your organization, you should set a usage policy for your organization. Setting a usage policy allows you to enable or disable Copilot Extensions for all members of your organization, limiting your security risk.

If Copilot Extensions have not been enabled or disabled at the enterprise level, you can set a Copilot Extensions policy for your organization.

1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
2. Next to the organization, click Settings.
3. In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.
4. In the "Copilot Extensions" section, select the dropdown menu, then enable or disable Copilot Extensions for your organization.

Managing permissions for a GitHub Copilot Extension in your organization

After you have installed a Copilot Extension in your organization, you can view the permissions the extension has in your organization, and why those permissions are necessary. If you do not want the Copilot Extension to have the listed permissions, you can suspend or uninstall the extension.

1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
2. Next to the organization, click Settings.
3. In the sidebar, under "Third-party Access," click GitHub Apps. A list of the GitHub Apps installed on your organization will be displayed.
4. Optionally, to filter your installed GitHub Apps for Copilot Extensions, select the Filter: dropdown menu, then click Copilot Extensions.
5. Next to the Copilot Extension you want to review or modify, click Configure.
6. In the "Permissions" section, review the permissions listed for the Copilot Extension. Optionally, you can block the Copilot Extension's access to your organization in one of two ways:
   • To indefinitely suspend the Copilot Extension's access to resources in your organization while keeping the extension installed, in the "Danger zone" section, click Suspend.
   • To uninstall a Copilot Extension completely, in the "Danger zone" section, click Uninstall.

Further reading

• GitHub Copilot Trust Center
• "Finding public code that matches GitHub Copilot suggestions"
• "Enabling GitHub Copilot Enterprise features"