Skip to main content

Managing policies for Copilot in your organization

Learn how to manage policies for GitHub Copilot in your organization.

Who can use this feature?

Organization owners

Organizations with a subscription to GitHub Copilot Business or GitHub Copilot Enterprise

About policies for GitHub Copilot

Organization owners can set policies to govern how GitHub Copilot can be used within the organization. For example, an organization owner can enable or disable the following Copilot features (unless an enterprise owner has blocked access to these features at the enterprise level):

  • Copilot in GitHub.com
  • Copilot Chat in the IDE
  • Copilot Chat in GitHub Mobile
  • Copilot in the CLI and Windows Terminal
  • Suggestions matching public code
  • Access to alternative models for Copilot

The policy settings selected by an organization owner determine the behavior of GitHub Copilot for all organization members that have been granted access to Copilot through the organization.

Copilot policies are also managed at the enterprise level. If your organization is part of an enterprise, and explicit settings have been selected at the enterprise level, you cannot override those settings at the organization level. For more information on managing policies at the enterprise level, see Managing policies and features for Copilot in your enterprise.

Policies for suggestion matching

Organization settings include an option to either allow or block code suggestions that match publicly available code. If you choose to block suggestions matching public code, GitHub Copilot will check potential code suggestions and the surrounding code of about 150 characters against public code on GitHub. If there is a match, or a near match, the suggestion is not shown.

If your enterprise admin has selected No policy for suggestion matching at the enterprise level, you can set a suggestion matching policy for your organization.

If an organization member is assigned a seat by multiple organizations with different suggestion matching policies under the same enterprise, GitHub Copilot will use the most restrictive policy.

Enabling Copilot features in your organization

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

  2. Next to the organization, click Settings.

  3. In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.

  4. Use the dropdown options to the right of each feature to enable or disable that feature for your organization.

    For example, to enable or disable suggestion matching, in the "Suggestions matching public code" dropdown, select Allowed or Blocked.

  5. If your organization has a Copilot Business or Copilot Enterprise subscription and you enable "Copilot in GitHub.com", two additional options are displayed:

    • Opt in to user feedback collection: If enabled, users can provide feedback on Copilot pull request summaries. For more information, see "Creating a pull request summary with GitHub Copilot."

    • Opt in to preview features: If enabled, users can test new Copilot features that are not yet generally available. Be aware that previews of features may have flaws, and the features may be changed or discontinued at any time. Current previews of Copilot features include:

Setting a policy for GitHub Copilot Extensions in your organization

Note

GitHub Copilot Extensions is in public preview and subject to change.

GitHub Copilot Extensions integrate external tools with GitHub Copilot Chat. See Using extensions to integrate external tools with Copilot Chat.

Before you install Copilot Extensions in your organization, you should set a usage policy for your organization. Setting a usage policy allows you to enable or disable Copilot Extensions for all members of your organization, limiting your security risk.

If Copilot Extensions have not been enabled or disabled at the enterprise level, you can set a Copilot Extensions policy for your organization.

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
  2. Next to the organization, click Settings.
  3. In the sidebar, under "Code, planning, and automation", click Copilot, and then click Policies.
  4. In the "Copilot Extensions" section, select the dropdown menu, then enable or disable Copilot Extensions for your organization.

Managing permissions for a GitHub Copilot Extension in your organization

After you have installed a Copilot Extension in your organization, you can view the permissions the extension has in your organization, and why those permissions are necessary. If you do not want the Copilot Extension to have the listed permissions, you can suspend or uninstall the extension.

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
  2. Next to the organization, click Settings.
  3. In the sidebar, under "Third-party Access," click GitHub Apps. A list of the GitHub Apps installed on your organization will be displayed.
  4. Optionally, to filter your installed GitHub Apps for Copilot Extensions, select the Filter: dropdown menu, then click Copilot Extensions.
  5. Next to the Copilot Extension you want to review or modify, click Configure.
  6. In the "Permissions" section, review the permissions listed for the Copilot Extension. Optionally, you can block the Copilot Extension's access to your organization in one of two ways:
    • To indefinitely suspend the Copilot Extension's access to resources in your organization while keeping the extension installed, in the "Danger zone" section, click Suspend.
    • To uninstall a Copilot Extension completely, in the "Danger zone" section, click Uninstall.

Further reading