romtuck/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d71bf783da
openclaw/docs/providers/github-copilot.md
RebelSyntax c800a686e7 fix(github-copilot): use gho_ tokens directly without exchange 
Tokens from the GitHub Copilot CLI (prefixed with `gho_`) can be used
directly with the Copilot API without requiring a token exchange via
/copilot_internal/v2/token (which returns HTTP 404 for these tokens).

This fixes authentication for users who:
- Installed the Copilot CLI (`npm install -g @github/copilot`)
- Authenticated via `copilot auth login`
- Set COPILOT_GITHUB_TOKEN or GH_TOKEN to their gho_ token

The fix detects gho_ prefixed tokens and skips the exchange, caching
them with an 8-hour TTL (matching typical OAuth token lifetimes).

Also adds COPILOT_API_BASE_URL env var support for enterprise users
whose proxy blocks api.individual.githubcopilot.com. Set this to your
enterprise endpoint (e.g., https://api.business.githubcopilot.com).

[AI-assisted] Tested with GitHub Copilot CLI 0.0.399 on WSL2.

Closes #3437
2026-01-29 23:36:52 -05:00

102 lines
3.0 KiB
Markdown
Raw Blame History

---
summary: "Sign in to GitHub Copilot from OpenClaw using the device flow"
read_when:
- You want to use GitHub Copilot as a model provider
- You need the `openclaw models auth login-github-copilot` flow
- You already use the GitHub Copilot CLI
---
# Github Copilot
## What is GitHub Copilot?
GitHub Copilot is GitHub's AI coding assistant. It provides access to Copilot
models for your GitHub account and plan. OpenClaw can use Copilot as a model
provider in three different ways.
## Three ways to use Copilot in OpenClaw
### 1) Built-in GitHub Copilot provider (`github-copilot`)
Use the native device-login flow to obtain a GitHub token, then exchange it for
Copilot API tokens when OpenClaw runs. This is the **default** and simplest path
because it does not require VS Code.
### 2) Copilot CLI token (`gho_` tokens)
If you already use the [GitHub Copilot CLI](https://docs.github.com/en/copilot/using-github-copilot/using-github-copilot-in-the-command-line),
you can use its OAuth token directly. These tokens (prefixed with `gho_`) work
with the Copilot API without any additional exchange.
\`\`\`bash
# Install and authenticate the Copilot CLI
npm install -g @github/copilot
copilot auth login
# Get your token from ~/.copilot/config.json and set it.
# The file structure looks like:
# {
# "github.com": {
# "token": "gho_your_token_here",
# "user": "your_username"
# }
# }
# Use the value of github.com.token:
export COPILOT_GITHUB_TOKEN="gho_your_token_here"
\`\`\`
For **enterprise users** whose proxy blocks the individual endpoint, set the
base URL to your enterprise endpoint:
\`\`\`bash
export COPILOT_API_BASE_URL="https://api.business.githubcopilot.com"
\`\`\`
### 3) Copilot Proxy plugin (`copilot-proxy`)
Use the **Copilot Proxy** VS Code extension as a local bridge. OpenClaw talks to
the proxy's `/v1` endpoint and uses the model list you configure there. Choose
this when you already run Copilot Proxy in VS Code or need to route through it.
You must enable the plugin and keep the VS Code extension running.
Use GitHub Copilot as a model provider (`github-copilot`). The login command runs
the GitHub device flow, saves an auth profile, and updates your config to use that
profile.
## CLI setup
\`\`\`bash
openclaw models auth login-github-copilot
\`\`\`
You'll be prompted to visit a URL and enter a one-time code. Keep the terminal
open until it completes.
### Optional flags
\`\`\`bash
openclaw models auth login-github-copilot --profile-id github-copilot:work
openclaw models auth login-github-copilot --yes
\`\`\`
## Set a default model
\`\`\`bash
openclaw models set github-copilot/gpt-4o
\`\`\`
### Config snippet
\`\`\`json5
{
agents: { defaults: { model: { primary: "github-copilot/gpt-4o" } } }
}
\`\`\`
## Notes
- Requires an interactive TTY; run it directly in a terminal.
- Copilot model availability depends on your plan; if a model is rejected, try
another ID (for example \`github-copilot/gpt-4.1\`).
- The login stores a GitHub token in the auth profile store and exchanges it for a
Copilot API token when OpenClaw runs.
Reference in New Issue View Git Blame Copy Permalink