Identify who requested Copilot for our organization

[stevepiercy]

Select Topic Area

Question

Body

We are a collective of FOSS programmers. As an organization we do not want to purchase Copilot, because it would be insanely expensive for all our members.

However 2 individuals that we cannot identify have requested that we buy Copilot for the organization. I would like to identify them and tell them that they may purchase an individual license. I already looked into our audit logs per https://docs.github.com/en/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization, but could not find the magic keyword that solves this identification issue.

I would also like to prevent organization members from making this request in the first place.

Finally I would like to remove the notifications for these request entirely go away.

Please let me know. Thank you!

[b8zeek]

You can reach out to the GitHub Support directly, they can help with this as they should be able to assist you with your questions about organization management and notifications. There is no way for you to identify those two members.

As for preventing organization members from making that kind of requests, I do not think that GitHub currently offers a feature to restrict members from requesting it. You might consider creating a policy within your organization and communicating it to your members. That might be the right and transparent way, a human way. 🙂

Hope this solves it for you. 🍺

🍀

[stevepiercy]

I did reach out to GitHub, and they won't help.

Any policy has to be published wherever those buttons to request Copilot exists, for example: "Don't click the button below because our organization cannot afford to pay for your license. You can buy one for your personal use instead."

This answer does not allow me to tell the requestors that they may purchase an individual license. Our organization will never purchase a license. If GitHub wants to push Copilot licenses, this would be a good way to have other people do their marketing for them.

[AftonSpiegel]

From Organization settings -> requests from members -> button that says 'unwatch' you can set the notification preferences.

[BridgeAR]

That is not a solution, as it only prevents the notification from going out to you about the request but neither does it prevent the request itself, not does it allow to deny the request.

[deviantintegral]

This is frustrating. As an org admin, you can't even follow the "happy path" of reaching out to team members and letting them know you're investigating their request. And in the case where org policy means you may never add this addon, you're just going to end up with confused team members.

This feels like a dark pattern, and I'm sad to see it bleed into the UI. With other apps (such as Slack integrations) you can at least deny the request and move on.

I'm going to reach out to support to express my displeasure, and suggest others do the same.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[romikoops]

+1

[nuclearcat]

Same here, we need to have proper audit on such things

[darkfishy]

+1

[raf202]

It's a way of Microsoft pressuring admins to buy add-ons or "anonymous" devs will be sad and improductive. Shady marketing practice, the fact that that they built a whole github feature around it is concerning.

I did the only solution possible right now: Unwatched these notifications and notified all devs to request directly to me.

[p-t-u]

Bump.

Github, you know the right thing to do here. This is obviously a growth hack. Ignoring this ticket for several months is not a good look.

[nicholasrolstad]

The answer is "nobody". It's complete BS from Microsoft. I have a very small team and NOBODY requested this trash, yet I got the same message. It's not real, its just an ad. F microsoft.

[rahul-gundecha]

+1

[orovadianavina]

same problem here 🤷🏿‍♂️

[claurau]

+1

[os-pling]

Ours also says 2 requested with no way of knowing who requested so we could follow up.

[ralleman-quasarsat]

Since the request feature is crippled in github, I've asked staff to come to me directly with the request.

[ForsakenRei]

Facing a same issue.

[gplaza-alny]

+1

[MichaelChirico]

Such request goes against our org's explicit policy to disallow AI-generated code. It is frustrating that we cannot reach out to remind whichever member is responsible about this policy, and even moreso that there's some possibility that the request is entirely spurious.

[alexlato22]

Hi 👋 Thank you for the feedback. I completely understand and will take it back to the team to see what we can do. Thank you for sharing it, I really mean that, it's always appreciated!

Let me help clarify how you can see who has requested access to Copilot. Hopefully this helps in the mean time.

If you're an organisation admin and you have requests for Copilot access in that org, go to Settings > Copilot > Access. If the organisation has Copilot enabled (not assigned and paying, just enabled) you can see who has requested access and deny it, if you wish to do so. I've attached a screenshot of an example in one of my test organisations. Let me know if that helps to clarify how to see who requested access.

To "enable" Copilot, you need to be an admin, go to Settings > Copilot > Access and enable it. You will not be charged until seats are assigned. So you can enable it in order to see who has requested access.

When in Settings > Copilot > Access as an organisation admin, I can see that no seats are assigned, but that I have a request from a specific user.

When in Settings > Copilot > Access as an organisation admin, and I click on 'review access requests' I can see who has requested specifically and when, and can deny the request (which will send an email to that user to let them know and ask them to reach out to you or another admin for more details if needed).

If you want to unsubscribe from these notifications as an admin, go to Settings > Requests from Members > Unwatch > Ignore.

[nuclearcat]

Same here, it requests billing information and it needs special board authorization to do such things. Unfortunately this is not a solution or answer.

[nstein-gpjoule]

@Akash1134 In my opinion this question isn't answered, this is merely a work around.

[motyc]

I agreed with the others. This is not answer at all as it needs to provide valid payment method.

[fuhrmanator]

As others have said, the accepted answer says we can unsubscribe or give a credit card (neither is really a solution).

It's a shame, because all my members are students and can get access to Pro via https://docs.github.com/en/copilot/managing-copilot/managing-copilot-as-an-individual-subscriber/managing-your-github-copilot-pro-subscription/getting-free-access-to-copilot-pro-as-a-student-teacher-or-maintainer

If I knew who was submitting the request, I would let them know directly. For now I'm just going to put a message on the org's front page (member's readme) mentioning this discussion and how to activate with student access.

[jjuelotc]

Wait, this reply reads like I have to turn on copilot to see who requests a seat license and deny it? That is a dark pattern and not in the spirit of what Github was meant to be. Clearly Microsoft is influence Github in a negative way here.

[dcurry-etana]

@alexlato22 Thanks for the detailed explanation. However, the original reporter's situation (and mine) is that he doesn't have CoPilot enabled and doesn't want to. If you go to Settings > CoPilot > Access and you don't have CoPilot enabled, all you see is a marketing blurb and a button labeled "Enable GitHub CoPilot". There is no option to deny the user's request or to remove it from the "Member requests for GitHub Add-Ons" page.

[alexlato22]

I completely understand. As I mentioned, the team and I are looking at how we can fix that in the near future. We've added it to the backlog and when we get to it, I'll share it here. Thanks!

[shantanoo]

Any tentative date for resolving this?

[jjuelotc]

I would also like to know when this issue will get resolved.

[Jnesselr]

I don't want to need to enable Copilot just to see who requested GitHub copilot. And it doesn't seem like there's any way to disable it completely or prevent people from requesting access or even seeing who has requested access without enabling it.

[alexlato22]

Acknowledged! It's in our backlog to making requests visible without needing to enable Copilot. Unfortunately that is how it's built today. I do want to reiterate that enabling doesn't mean you have to pay. I completely understand the experience is not ideal but as we work to fix it, that's the work around to see requests. Thanks!

[deviantintegral]

Thanks for the update. I'll say for myself the big reason I haven't turned Copilot on to see the list is that I don't trust GitHub to contact our organization's users in the UI or over email with a message saying something like "good news, your org has turned on copilot and you just have to ask for a license". Getting this available separate from that checkbox will be a great improvement.

[ForsakenRei]

Thanks for the update. I'll say for myself the big reason I haven't turned Copilot on to see the list is that I don't trust GitHub to contact our organization's users in the UI or over email with a message saying something like "good news, your org has turned on copilot and you just have to ask for a license". Getting this available separate from that checkbox will be a great improvement.

Once I enabled it, can I disable it for the org again?

[MjHolton]

This feels like a ploy to get me to turn on CoPilot. Why couldn't you at the "Member requests for GitHub Add-Ons" as you enumerate the requested item just show me who is requesting this? I could then simply have a conversation with those individuals and if the request is valid prepare a business justification for a new spend.

I have doubts about the maturity of CoPilot and safety of our IP. If all I am getting out of this is auto-complete assistance and simple unit tests, then I would rather address the skillset. If there is more to it, I would just need to be informed of advancements made with CoPilot and being able to discuss with those that are requesting might clue me in.

[BhavyaLH]

My GH account is of my organization's domain (myname@myorg.com). I'm added as a member to my organization and can get all the repos. Would my admin know if I have an individual copilot license?

[nstein-gpjoule]

Acknowledged! It's in our backlog to making requests visible without needing to enable Copilot. Unfortunately that is how it's built today. I do want to reiterate that enabling doesn't mean you have to pay. I completely understand the experience is not ideal but as we work to fix it, that's the work around to see requests. Thanks!

@alexlato22 Any update on this?

[oschusler]

To add to the notion of this not being a solution; I just got a request for "Draft pull requests". Since we are on the free plan, this is not included. Here again, I cannot see which member of our organisation requested it. Given that this workaround is specific to GitHub Copilot, it won't work for these requests.

[nicholasrolstad]

Nobody requested it, that's why you can't tell who. They're making up fake requests to trick people into thinking their staff wants this. I get the same "requests" as you guys but have a very small team and know that nobody has requested anything. This is steaming pile of BS from GutHub/Microsoft.

…

________________________________ From: Olaf Schusler ***@***.***> Sent: Thursday, November 28, 2024 12:31:15 PM To: community/community ***@***.***> Cc: Nicholas Rolstad ***@***.***>; Comment ***@***.***> Subject: Re: [community/community] Identify who requested Copilot for our organization (Discussion #73264) To add to the notion of this not being a solution; I just got a request for "Draft pull requests". Since we are on the free plan, this is not included. Here again, I cannot see which member of our organisation requested it. Given that this workaround is specific to GitHub Copilot, it won't work for these requests. — Reply to this email directly, view it on GitHub<#73264 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AF3QAONK7QQSYDDSXPU5VO32C5OPHAVCNFSM6AAAAAA63NPIPWVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTCNBQHEZTSNQ>. You are receiving this because you commented.Message ID: ***@***.***>

[bsloan-icl]

This is causing issues for our organisation as well. We don't have copilot enabled and currently don't want it enabled. Anytime a new user is added to the org, they're asked if they want a copilot seat. This is incredibly misleading because we don't even have any copilot seats.

We receive dozens of tickets via the Service Desk from users asking where their copilot license is that they requested. But we don't have any seats to assign to them. It's incredibly frustrating for both end-users who believe they can access copilot and also admins who have to deal with the fallout.

[fs-nlober]

This is problematic for us, too. We never requested this feature, and it feels scummy that MS is trying to shove more AI tooling down our throats.

[bhagdave]

I did wonder how long it would be before the dark arts of Microsoft hit GitHub. Well here we are. Bizarre requests that nobody has made and no way of getting rid of them.

[jjuelotc]

Still a problem and creates a negative experience for enterprise and organization owners if they choose not to enable copilot.

If I have copilot disabled at either the enterprise or organization level, I don't think Microsoft should be allowed to advertise paid features directly to my users through the enterprise application I am owner of have have decided not to enable said features on.

[nicholasrolstad]

Do not resist. Microsoft knows best. You shall bend to their will.

…

________________________________ From: Jared Juel ***@***.***> Sent: Wednesday, March 12, 2025 9:17:50 AM To: community/community ***@***.***> Cc: Nicholas Rolstad ***@***.***>; Comment ***@***.***> Subject: Re: [community/community] Identify who requested Copilot for our organization (Discussion #73264) Still a problem and creates a negative experience for enterprise and organization owners if they choose not to enable copilot. If I have copilot disabled at either the enterprise or organization level, I don't think Microsoft should be allowed to advertise paid features directly to my users through the enterprise application I am owner of have have decided not to enable said features on. — Reply to this email directly, view it on GitHub<#73264 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AF3QAOIUCV2A5NOX35PWXOD2UBM25AVCNFSM6AAAAAA63NPIPWVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTENBXG4ZTCOI>. You are receiving this because you commented.Message ID: ***@***.***>