> For the complete documentation index, see [llms.txt](https://ai-security-docs.akto.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://ai-security-docs.akto.io/akto-atlas-agentic-ai-security-for-employee-endpoints/endpoints-discovery-agents/github-copilot-enterprise.md).
# Github Copilot Enterprise
## Overview
This page explains how you can integrate **GitHub Copilot Enterprise** with Akto Atlas to enable **agent discovery, centralized guardrails, and enterprise-wide policy enforcement**.
As an Akto user, you can secure Copilot Enterprise using two complementary integration layers:
1. **Endpoint-level control via Copilot Hooks**
2. **Model-level control via Akto Agent Proxy (custom model routing)**
Together, these provide visibility and enforcement both at the developer endpoint and before requests reach the AI model.
## **1.** Endpoint Enforcement (CLI Hooks)
You can secure Copilot usage using the **Copilot Hooks integration** (refer to the [Copilot Hooks](/akto-atlas-agentic-ai-security-for-employee-endpoints/endpoints-discovery-agents/copilot-cli-hooks.md) page for complete setup details).
This integration allows you to:
* Monitor prompt submissions
* Block unsafe tool executions before they run
* Send events to Akto Atlas for centralized visibility
This layer secures Copilot usage directly at employee endpoints.
## **2.** Model Routing (Agent Proxy)
To enforce guardrails before requests reach the AI provider, you can configure Copilot Enterprise to route model traffic through the **Akto Agent Proxy**.
Instead of allowing Copilot to directly access built-in models, you configure a **custom model endpoint** that points to Akto’s proxy.
Akto then:
1. Inspects and validates the request
2. Applies guardrails and policy enforcement
3. Forwards approved traffic to the configured backend model (Foundry or OpenAI-compatible)
This ensures centralized enforcement across all Copilot Enterprise users.
### **Prerequisites**
Before configuring GitHub:
* Ensure **Akto Agent Proxy is deployed and reachable**
* Ensure the proxy is connected to:
* Azure Foundry **or**
* An OpenAI-compatible backend
* Validate that the proxy endpoint is functioning correctly
{% hint style="warning" %}
**Important**
The Agent Proxy must already be connected to the target model backend before you configure it in GitHub. Misconfiguration will cause Copilot requests to fail.
{% endhint %}
### **Configuration Steps in GitHub**
After completing the prerequisites (including Akto Agent Proxy deployment), perform the following:
{% stepper %}
{% step %}
Go to **GitHub → Enterprise Settings**
{% endstep %}
{% step %}
Navigate to **AI Controls**
{% endstep %}
{% step %}
Open **Copilot**
{% endstep %}
{% step %}
Locate the **Configured Models** section
{% endstep %}
{% step %}
Disable all default or built-in models (if you want full proxy enforcement)
{% endstep %}
{% step %}
Select **Add Custom Model**
{% endstep %}
{% step %}
Choose the appropriate provider type:
* Foundry
* OpenAI-compatible
{% endstep %}
{% step %}
Enter the **Akto Agent Proxy URL** as the model endpoint
* For OpenAI-compatible
* For Microsoft Foundry
{% endstep %}
{% step %}
1. Save and apply the configuration.
{% endstep %}
{% endstepper %}
All Copilot Enterprise model requests will now flow through Akto Agent Proxy before reaching the selected backend.
## **Operational Flow**
Once fully configured:
1. User interacts with Copilot
2. (Optional) Copilot Hooks capture endpoint events
3. Copilot sends model request
4. Request is routed to **Akto Agent Proxy**
5. Akto applies guardrails and validation
6. Approved requests are forwarded to the backend model
7. Responses return through the proxy to Copilot
This provides layered security across the Copilot lifecycle.
## **Best Practices**
* Use **both Copilot Hooks and Proxy routing** for complete coverage
* Disable direct access to built-in models to avoid bypass paths
* Validate proxy connectivity before enterprise rollout
* Test with a limited user group before full deployment
* Decide your enforcement posture (observe vs block) before enabling strict policies
## Get Support for your Akto setup
There are multiple ways to request support from Akto. We are 24X7 available on the following:
1. In-app `intercom` support. Message us with your query on intercom in Akto dashboard and someone will reply.
2. Join our [discord channel](https://www.akto.io/community) for community support.
3. Contact `support@akto.io` for email support.
4. Contact us [here](https://www.akto.io/contact-us).
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://ai-security-docs.akto.io/akto-atlas-agentic-ai-security-for-employee-endpoints/endpoints-discovery-agents/github-copilot-enterprise.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.