romtuck/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d71bf783da
openclaw/docs/providers/github-copilot.md
RebelSyntax c800a686e7 fix(github-copilot): use gho_ tokens directly without exchange 
Tokens from the GitHub Copilot CLI (prefixed with `gho_`) can be used
directly with the Copilot API without requiring a token exchange via
/copilot_internal/v2/token (which returns HTTP 404 for these tokens).

This fixes authentication for users who:
- Installed the Copilot CLI (`npm install -g @github/copilot`)
- Authenticated via `copilot auth login`
- Set COPILOT_GITHUB_TOKEN or GH_TOKEN to their gho_ token

The fix detects gho_ prefixed tokens and skips the exchange, caching
them with an 8-hour TTL (matching typical OAuth token lifetimes).

Also adds COPILOT_API_BASE_URL env var support for enterprise users
whose proxy blocks api.individual.githubcopilot.com. Set this to your
enterprise endpoint (e.g., https://api.business.githubcopilot.com).

[AI-assisted] Tested with GitHub Copilot CLI 0.0.399 on WSL2.

Closes #3437
2026-01-29 23:36:52 -05:00

3.0 KiB
Raw Blame History

summary read_when
Sign in to GitHub Copilot from OpenClaw using the device flow
You want to use GitHub Copilot as a model provider
You need the `openclaw models auth login-github-copilot` flow
You already use the GitHub Copilot CLI

Github Copilot

What is GitHub Copilot?

GitHub Copilot is GitHub's AI coding assistant. It provides access to Copilot models for your GitHub account and plan. OpenClaw can use Copilot as a model provider in three different ways.

Three ways to use Copilot in OpenClaw

1) Built-in GitHub Copilot provider (github-copilot)

Use the native device-login flow to obtain a GitHub token, then exchange it for Copilot API tokens when OpenClaw runs. This is the default and simplest path because it does not require VS Code.

2) Copilot CLI token (gho_ tokens)

If you already use the GitHub Copilot CLI, you can use its OAuth token directly. These tokens (prefixed with gho_) work with the Copilot API without any additional exchange.

```bash

Install and authenticate the Copilot CLI

npm install -g @github/copilot copilot auth login

Get your token from ~/.copilot/config.json and set it.

The file structure looks like:

{

"github.com": {

"token": "gho_your_token_here",

"user": "your_username"

}

}

Use the value of github.com.token:

export COPILOT_GITHUB_TOKEN="gho_your_token_here" ```

For enterprise users whose proxy blocks the individual endpoint, set the base URL to your enterprise endpoint:

```bash export COPILOT_API_BASE_URL="https://api.business.githubcopilot.com" ```

3) Copilot Proxy plugin (copilot-proxy)

Use the Copilot Proxy VS Code extension as a local bridge. OpenClaw talks to the proxy's /v1 endpoint and uses the model list you configure there. Choose this when you already run Copilot Proxy in VS Code or need to route through it. You must enable the plugin and keep the VS Code extension running.

Use GitHub Copilot as a model provider (github-copilot). The login command runs the GitHub device flow, saves an auth profile, and updates your config to use that profile.

CLI setup

```bash openclaw models auth login-github-copilot ```

You'll be prompted to visit a URL and enter a one-time code. Keep the terminal open until it completes.

Optional flags

```bash openclaw models auth login-github-copilot --profile-id github-copilot:work openclaw models auth login-github-copilot --yes ```

Set a default model

```bash openclaw models set github-copilot/gpt-4o ```

Config snippet

```json5 { agents: { defaults: { model: { primary: "github-copilot/gpt-4o" } } } } ```

Notes

  • Requires an interactive TTY; run it directly in a terminal.
  • Copilot model availability depends on your plan; if a model is rejected, try another ID (for example `github-copilot/gpt-4.1`).
  • The login stores a GitHub token in the auth profile store and exchanges it for a Copilot API token when OpenClaw runs.