Default setup (bundled CLI)

The Node.js, Python, and .NET SDKs include Copilot CLI as a dependency—your app ships with everything it needs, with no extra installation or configuration required.

Who can use this feature?

GitHub Copilot SDK is available with all Copilot plans.

In this article

Note

Copilot SDK is currently in public preview. Functionality and availability are subject to change.

Best for: Most applications—desktop apps, standalone tools, CLI utilities, prototypes, and more.

How it works

When you install the Copilot SDK, Copilot CLI is included automatically. The Copilot SDK starts it as a child process and communicates over stdio. There's nothing extra to configure.

Diagram showing how the SDK client includes the Copilot CLI binary and makes API calls to GitHub Copilot.

Key characteristics:

  • Copilot CLI is included with the Copilot SDK—no separate install needed
  • The Copilot SDK manages the CLI version to ensure compatibility
  • Users authenticate through your app (or use env vars / BYOK)
  • Sessions are managed per user on their machine

Note

The Go and Java SDKs do not bundle Copilot CLI. You must install the CLI separately or set cliPath to point to an existing binary. See Using a local CLI with Copilot SDK for details.

Quick start

import { CopilotClient } from "@github/copilot-sdk";

const client = new CopilotClient();

const session = await client.createSession({ model: "gpt-4.1" });
const response = await session.sendAndWait({ prompt: "Hello!" });
console.log(response?.data.content);

await client.stop();

For examples in Python, Go, .NET, and Java, see Default setup in the github/copilot-sdk repository. For Java, see the github/copilot-sdk-java repository.

Authentication strategies

You need to decide how your users will authenticate. Here are the common patterns:

Diagram showing authentication options for a bundled CLI: signed-in credentials, app-provided token, or BYOK.

Option A: user's signed-in credentials (simplest)

The user signs in to Copilot CLI once, and your app uses those credentials. No extra code needed—this is the default behavior.

const client = new CopilotClient();
// Default: uses signed-in user credentials

Option B: token via environment variable

Ship your app with instructions to set a token, or set it programmatically:

const client = new CopilotClient({
    env: {
        COPILOT_GITHUB_TOKEN: getUserToken(),  // Your app provides the token
    },
});

Option C: BYOK (no GitHub auth needed)

If you manage your own model provider keys, users don't need GitHub accounts at all:

const client = new CopilotClient();

const session = await client.createSession({
    model: "gpt-4.1",
    provider: {
        type: "openai",
        baseUrl: "https://api.openai.com/v1",
        apiKey: process.env.OPENAI_API_KEY,
    },
});

See Bring your own key (BYOK) for full details.

Session management

Apps typically want named sessions so users can resume conversations:

const client = new CopilotClient();

// Create a session tied to the user's project
const sessionId = `project-${projectName}`;
const session = await client.createSession({
    sessionId,
    model: "gpt-4.1",
});

// User closes app...
// Later, resume where they left off
const resumed = await client.resumeSession(sessionId);

Session state persists at ~/.copilot/session-state/{sessionId}/.

When to move on

NeedNext guide
Users signing in with GitHub accountsUsing GitHub OAuth with Copilot SDK
Run on a server instead of user machinesSetting up Copilot SDK for backend services
Use your own model keysBring your own key (BYOK)

Next steps