copilot-cli icon indicating copy to clipboard operation
copilot-cli copied to clipboard
verified publisher icon github

Support Enterprise MCP Policies

Open NicholasHallman opened this issue 2 months ago • 1 comments

Describe the feature or problem you'd like to solve

Some enterprise users require that MCP policies and the MCP allowlist are enforced before a tool can be enabled for an organization.

Proposed solution

Hi, my colleagues and I would love to use copilot-cli, but we’re currently unable to because, to my knowledge, copilot-cli does not respect MCP allowlist policies.

It’s possible this has changed since the following document was released: https://docs.github.com/en/copilot/how-tos/administer-copilot/configure-mcp-server-access#support-for-mcp-policies. As of now, my understanding is that this feature is not supported.

Respecting the allow list would enforce the minimum level of security our organization needs to ensure only trusted tools are used by agents. This is critical for minimizing potential risks to development environments, internal tooling, and other sensitive systems.

Example prompts or workflows

No response

Additional context

No response

NicholasHallman avatar Nov 17 '25 16:11 NicholasHallman

+1, but for a business plan, which is just stripped-down enterprise

particularly overage setup in business/enterprise

thawkins avatar Nov 19 '25 23:11 thawkins