Points de terminaison d’API REST pour la gestion des exclusions de contenu Copilot

Get Copilot content exclusion rules for an enterprise

Note

This endpoint is in public preview and is subject to change.

Gets information about an enterprise's Copilot content exclusion path rules. To configure these settings, go to the enterprise's settings on GitHub. For more information, see "Excluding content from GitHub Copilot."

Enterprise owners can view details about Copilot content exclusion rules for the enterprise.

OAuth app tokens and personal access tokens (classic) need either the read:enterprise or copilot scopes to use this endpoint.

Caution

At this time, the API does not support comments. This endpoint will not return any comments in the existing rules.
At this time, the API does not support duplicate keys. If your content exclusion configuration contains duplicate keys, the API will return only the last occurrence of that key. For example, if duplicate entries are present, only the final value will be included in the response.

Jetons d’accès affinés pour « Get Copilot content exclusion rules for an enterprise »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton finement détaillé doit avoir l’ensemble d’autorisations suivant:

"Enterprise AI controls" enterprise permissions (read)

Paramètres pour « Get Copilot content exclusion rules for an enterprise »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`enterprise` string Requis The slug version of the enterprise name.

Codes d’état de la réponse HTTP pour « Get Copilot content exclusion rules for an enterprise »

Code de statut	Description
`200`	OK
`401`	Requires authentication
`403`	Forbidden
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Get Copilot content exclusion rules for an enterprise »

Si vous accédez à GitHub à GHE.com, remplacez api.github.com par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com.

Exemple de requête

get/enterprises/{enterprise}/copilot/content_exclusion

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2026-03-10" \
  https://api.github.com/enterprises/ENTERPRISE/copilot/content_exclusion

OK

Status: 200

{
  "git@github.com:*/copilot": [
    "/__tests__/**"
  ],
  "octo-org/octo-repo": [
    "/src/some-dir/kernel.rs"
  ]
}

Set Copilot content exclusion rules for an enterprise

Note

This endpoint is in public preview and is subject to change.

Sets Copilot content exclusion path rules for an enterprise. To configure these settings, go to the enterprise's settings on GitHub. For more information, see "Excluding content from GitHub Copilot."

Enterprise owners can set Copilot content exclusion rules for the enterprise.

OAuth app tokens and personal access tokens (classic) need either the admin:enterprise or copilot scopes to use this endpoint.

Caution

At this time, the API does not support comments. When using this endpoint, any existing comments in your rules will be deleted.
At this time, the API does not support duplicate keys. If you submit content exclusions through the API with duplicate keys, only the last occurrence will be saved. Earlier entries with the same key will be overwritten.

Jetons d’accès affinés pour « Set Copilot content exclusion rules for an enterprise »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton finement détaillé doit avoir l’ensemble d’autorisations suivant:

"Enterprise AI controls" enterprise permissions (write)

Paramètres pour « Set Copilot content exclusion rules for an enterprise »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`enterprise` string Requis The slug version of the enterprise name.

Codes d’état de la réponse HTTP pour « Set Copilot content exclusion rules for an enterprise »

Code de statut	Description
`200`	Success
`401`	Requires authentication
`403`	Forbidden
`404`	Resource not found
`413`	Payload Too Large
`422`	Validation failed, or the endpoint has been spammed.
`500`	Internal Error

Exemples de code pour « Set Copilot content exclusion rules for an enterprise »

Si vous accédez à GitHub à GHE.com, remplacez api.github.com par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com.

Exemple de requête

put/enterprises/{enterprise}/copilot/content_exclusion

curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2026-03-10" \
  https://api.github.com/enterprises/ENTERPRISE/copilot/content_exclusion \
  -d '{"git@github.com:*/copilot":["/__tests__/**"],"octo-org/octo-repo":["/src/some-dir/kernel.rs"]}'

Success

Status: 200

{
  "message": "Content exclusion rules updated successfully."
}

Get Copilot content exclusion rules for an organization

Note

This endpoint is in public preview and is subject to change.

Gets information about an organization's Copilot content exclusion path rules. To configure these settings, go to the organization's settings on GitHub. For more information, see "Excluding content from GitHub Copilot."

Organization owners can view details about Copilot content exclusion rules for the organization.

OAuth app tokens and personal access tokens (classic) need either the copilot or read:org scopes to use this endpoint.

Caution

At this time, the API does not support comments. This endpoint will not return any comments in the existing rules.
At this time, the API does not support duplicate keys. If your content exclusion configuration contains duplicate keys, the API will return only the last occurrence of that key. For example, if duplicate entries are present, only the final value will be included in the response.

Jetons d’accès affinés pour « Get Copilot content exclusion rules for an organization »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton finement détaillé doit avoir l’ensemble d’autorisations suivant:

"Copilot content exclusion" organization permissions (read)

Paramètres pour « Get Copilot content exclusion rules for an organization »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Requis The organization name. The name is not case sensitive.

Codes d’état de la réponse HTTP pour « Get Copilot content exclusion rules for an organization »

Code de statut	Description
`200`	OK
`401`	Requires authentication
`403`	Forbidden
`404`	Resource not found
`500`	Internal Error

Exemples de code pour « Get Copilot content exclusion rules for an organization »

Si vous accédez à GitHub à GHE.com, remplacez api.github.com par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com.

Exemple de requête

get/orgs/{org}/copilot/content_exclusion

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2026-03-10" \
  https://api.github.com/orgs/ORG/copilot/content_exclusion

OK

Status: 200

{
  "octo-repo": [
    "/src/some-dir/kernel.rs"
  ]
}

Set Copilot content exclusion rules for an organization

Note

This endpoint is in public preview and is subject to change.

Sets Copilot content exclusion path rules for an organization. To configure these settings, go to the organization's settings on GitHub. For more information, see "Excluding content from GitHub Copilot."

Organization owners can set Copilot content exclusion rules for the organization.

OAuth app tokens and personal access tokens (classic) need the copilot scope to use this endpoint.

Caution

At this time, the API does not support comments. When using this endpoint, any existing comments in your rules will be deleted.
At this time, the API does not support duplicate keys. If you submit content exclusions through the API with duplicate keys, only the last occurrence will be saved. Earlier entries with the same key will be overwritten.

Jetons d’accès affinés pour « Set Copilot content exclusion rules for an organization »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton finement détaillé doit avoir l’ensemble d’autorisations suivant:

"Copilot content exclusion" organization permissions (write)

Paramètres pour « Set Copilot content exclusion rules for an organization »

En-têtes
Nom, Type, Description
`accept` string Setting to `application/vnd.github+json` is recommended.

Paramètres de chemin d’accès
Nom, Type, Description
`org` string Requis The organization name. The name is not case sensitive.

Codes d’état de la réponse HTTP pour « Set Copilot content exclusion rules for an organization »

Code de statut	Description
`200`	Success
`401`	Requires authentication
`403`	Forbidden
`404`	Resource not found
`413`	Payload Too Large
`422`	Validation failed, or the endpoint has been spammed.
`500`	Internal Error

Exemples de code pour « Set Copilot content exclusion rules for an organization »

Si vous accédez à GitHub à GHE.com, remplacez api.github.com par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com.

Exemple de requête

put/orgs/{org}/copilot/content_exclusion

curl -L \
  -X PUT \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2026-03-10" \
  https://api.github.com/orgs/ORG/copilot/content_exclusion \
  -d '{"octo-repo":["/src/some-dir/kernel.rs"]}'

Success

Status: 200

{
  "message": "Content exclusion rules updated successfully."
}