Github Copilot Enterprise
Overview
This page explains how you can integrate GitHub Copilot Enterprise with Akto Atlas to enable agent discovery, centralized guardrails, and enterprise-wide policy enforcement.
As an Akto user, you can secure Copilot Enterprise using two complementary integration layers:
Endpoint-level control via Copilot Hooks
Model-level control via Akto Agent Proxy (custom model routing)
Together, these provide visibility and enforcement both at the developer endpoint and before requests reach the AI model.
1. Endpoint Enforcement (CLI Hooks)
You can secure Copilot usage using the Copilot Hooks integration (refer to the Copilot Hooks page for complete setup details).
This integration allows you to:
Monitor prompt submissions
Block unsafe tool executions before they run
Send events to Akto Atlas for centralized visibility
This layer secures Copilot usage directly at employee endpoints.
2. Model Routing (Agent Proxy)
To enforce guardrails before requests reach the AI provider, you can configure Copilot Enterprise to route model traffic through the Akto Agent Proxy.
Instead of allowing Copilot to directly access built-in models, you configure a custom model endpoint that points to Akto’s proxy.
Akto then:
Inspects and validates the request
Applies guardrails and policy enforcement
Forwards approved traffic to the configured backend model (Foundry or OpenAI-compatible)
This ensures centralized enforcement across all Copilot Enterprise users.
Prerequisites
Before configuring GitHub:
Ensure Akto Agent Proxy is deployed and reachable
Ensure the proxy is connected to:
Azure Foundry or
An OpenAI-compatible backend
Validate that the proxy endpoint is functioning correctly
Important
The Agent Proxy must already be connected to the target model backend before you configure it in GitHub. Misconfiguration will cause Copilot requests to fail.
Configuration Steps in GitHub
After completing the prerequisites (including Akto Agent Proxy deployment), perform the following:
Go to GitHub → Enterprise Settings
Navigate to AI Controls
Open Copilot
Locate the Configured Models section
Disable all default or built-in models (if you want full proxy enforcement)
Select Add Custom Model
Choose the appropriate provider type:
Foundry
OpenAI-compatible
Enter the Akto Agent Proxy URL as the model endpoint
For OpenAI-compatible
For Microsofy Foundry
Save and apply the configuration.
All Copilot Enterprise model requests will now flow through Akto Agent Proxy before reaching the selected backend.
Operational Flow
Once fully configured:
User interacts with Copilot
(Optional) Copilot Hooks capture endpoint events
Copilot sends model request
Request is routed to Akto Agent Proxy
Akto applies guardrails and validation
Approved requests are forwarded to the backend model
Responses return through the proxy to Copilot
This provides layered security across the Copilot lifecycle.
Best Practices
Use both Copilot Hooks and Proxy routing for complete coverage
Disable direct access to built-in models to avoid bypass paths
Validate proxy connectivity before enterprise rollout
Test with a limited user group before full deployment
Decide your enforcement posture (observe vs block) before enabling strict policies
Get Support for your Akto setup
There are multiple ways to request support from Akto. We are 24X7 available on the following:
In-app
intercomsupport. Message us with your query on intercom in Akto dashboard and someone will reply.Join our discord channel for community support.
Contact
[email protected]for email support.Contact us here.
Last updated