Support Enterprise MCP Policies

[NicholasHallman]

Describe the feature or problem you'd like to solve

Some enterprise users require that MCP policies and the MCP allowlist are enforced before a tool can be enabled for an organization.

Proposed solution

Hi, my colleagues and I would love to use copilot-cli, but we’re currently unable to because, to my knowledge, copilot-cli does not respect MCP allowlist policies.

It’s possible this has changed since the following document was released: https://docs.github.com/en/copilot/how-tos/administer-copilot/configure-mcp-server-access#support-for-mcp-policies. As of now, my understanding is that this feature is not supported.

Respecting the allow list would enforce the minimum level of security our organization needs to ensure only trusted tools are used by agents. This is critical for minimizing potential risks to development environments, internal tooling, and other sensitive systems.

Example prompts or workflows

No response

Additional context

No response

[thawkins]

+1, but for a business plan, which is just stripped-down enterprise

particularly overage setup in business/enterprise

[jeroenjanssen-cpp]

I am also running into our IT organization not allowing copilo-cli yet due to the unavailability of Enterprise controls (e.g. to enforce mcp server allow list and mcp registry for copilot-cli).

This also means that we are not yet able to use the GitHub Copilot SDK since it relies on the copilot-cli.

Is there any insight in this being on the roadmap (I assume it will be a blocker for more organizations)

[katrinajaneczko]

+1 that it's a blocker for my organization

[daetty]

Copilot CLI was declared GA in February but without the ability to enforce compliance with GitHub MCP policies and the MCP registry usage of the CLI (and hence also the SDK) will not be allowed in Enterprise contexts.

Please consider MCP controls a necessary condition for adoption in many enterprise organizations and prioritize the feature accordingly.

[thawkins]

This also effects my enterprise

…

On Tue, Mar 17, 2026, 14:52 Stefan Dätwyler ***@***.***> wrote: *daetty* left a comment (github/copilot-cli#599) <#599 (comment)> Copilot CLI was declared GA in February but without the ability to enforce compliance with GitHub MCP policies and the MCP registry usage of the CLI (and hence also the SDK) will not be allowed in Enterprise contexts. Please consider MCP controls a necessary condition for adoption in many enterprise organizations and prioritize the feature accordingly. — Reply to this email directly, view it on GitHub <#599 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAADRSM6EATEX3QDPPSMT3T4RD75DAVCNFSM6AAAAACMLLV4OWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM2DANZTGAZDMMRRGA> . You are receiving this because you commented.Message ID: ***@***.***>

[examon]

This was addressed in v1.0.11. Organization policy for third-party MCP servers is now enforced. When your organization configures an MCP allowlist, the CLI respects it and blocks servers that are not on the approved list. If you're still running into issues with this after updating, feel free to reopen.