Skip to main content
Browse docs
By Audience
Getting Started
Configuration
Use Cases
IDE Integration
OverviewGateway Setup For IdesAccess Keys For Ides
VS Code
Vscode Github CopilotVscode ContinueVscode CodyVscode Custom Extensions
JetBrains
Jetbrains AI AssistantJetbrains ContinueJetbrains Custom Plugins
Other IDEs
CursorWindsurfNeovimZedXcodeEmacs
Team & Operations
Hosted Gateway For TeamsPolicies For Ide TrafficMonitoring Ide UsageTroubleshooting
Third-Party Integrations
Engineering Cache
Console
API Reference
Gateway
Workflow Guides
Templates
Providers and SDKs
Industry Guides
Advanced Guides
Browse by Role
Deployment Guides
In-Depth Guides
Tutorials
CLI Reference
Policy Reference
FAQ

VS Code: GitHub Copilot Through the Gateway

GitHub Copilot uses GitHub's proprietary authentication and API infrastructure, which means you cannot simply point it at a custom endpoint. Instead, you route Copilot traffic through the Keeptrusts gateway using HTTP proxy interception.

Use this page when

  • You are working through VS Code: GitHub Copilot Through the Gateway as an implementation or operating workflow in Keeptrusts.
  • You need the practical steps, expected outcomes, and related validation guidance in one place.
  • If you need exact field-by-field reference instead of a workflow page, use the linked reference pages in Next steps.

Primary audience

  • Primary: Technical Engineers
  • Secondary: AI Agents, Technical Leaders

How It Works

The Keeptrusts gateway acts as an HTTP proxy that intercepts Copilot's API calls before they reach GitHub's servers. This allows you to:

  • Apply input policies (secret redaction, content blocking) to code snippets Copilot sends
  • Apply output policies (content filtering, disclaimers) to completions Copilot returns
  • Log all Copilot interactions as governance events
  • Attribute Copilot usage and costs to developers and teams

Prerequisites

  • Gateway running on localhost:41002
  • GitHub Copilot extension installed in VS Code
  • Active GitHub Copilot subscription

Configure Proxy Interception

Method 1: VS Code Proxy Settings

Set VS Code to route HTTP traffic through the Keeptrusts gateway proxy:

Open your VS Code settings.json (Cmd+Shift+P → "Preferences: Open User Settings (JSON)") and add:

{
  "http.proxy": "http://localhost:41002",
  "http.proxyStrictSSL": false,
  "http.proxySupport": "on"
}

This routes all VS Code HTTP traffic (including Copilot) through the gateway.

Method 2: Environment Variables

Set proxy environment variables before launching VS Code:

export HTTP_PROXY="http://localhost:41002"
export HTTPS_PROXY="http://localhost:41002"
code .

On macOS, if you launch VS Code from the Dock, set these in your shell profile (~/.zshrc or ~/.bashrc) and restart VS Code from the terminal:

# Add to ~/.zshrc
export HTTP_PROXY="http://localhost:41002"
export HTTPS_PROXY="http://localhost:41002"

Method 3: GitHub Copilot Advanced Settings

VS Code exposes some advanced Copilot configuration options:

{
  "github.copilot.advanced": {
    "debug.overrideProxyUrl": "http://localhost:41002",
    "debug.testOverrideProxyUrl": "http://localhost:41002"
  }
}
note

These debug settings may change between Copilot extension versions. The proxy-based approach (Methods 1 and 2) is more reliable long-term.

Configure the Gateway for Proxy Mode

Ensure your policy-config.yaml includes proxy mode configuration:

pack:
  name: vscode-github-copilot-providers-1
  version: 1.0.0
  enabled: true
providers:
  targets:
  - id: github-copilot
    provider: 
policies:
  chain:
  - audit-logger
policy:
  audit-logger:
    immutable: true
    retention_days: 365
    log_all_access: true

The passthrough type forwards requests to Copilot's upstream servers after applying your policy chain, preserving Copilot's authentication headers.

Verify Traffic Is Flowing

Open a new terminal and watch gateway events in real time:

kt events tail

Now trigger a Copilot completion in VS Code by typing code and waiting for the ghost text suggestion. You should see events appear in the terminal:

[2024-01-15 10:23:45] INPUT  github-copilot  completions  user:jane  PASS
[2024-01-15 10:23:46] OUTPUT github-copilot  completions  user:jane  PASS

Verify Policy Enforcement

Test that your policies apply to Copilot traffic. If you have a secret-redaction policy, try typing a comment containing a fake API key:

# Use this key: sk-test1234567890abcdef

The gateway should redact the key before it reaches GitHub's servers. Check the event log for redaction actions:

kt events tail --filter action=redact

Limitations

  • Authentication is managed by GitHub — you cannot replace Copilot's auth with a Keeptrusts access key. The gateway passes through Copilot's OAuth tokens.
  • Copilot Chat — chat requests also route through the proxy when configured. The same policies apply.
  • Copilot for CLI — terminal-based Copilot features (gh copilot) do not use VS Code's proxy settings. Set HTTP_PROXY in your shell for those.
  • Endpoint not fully configurable — unlike Continue or CodeGPT, Copilot does not expose a "base URL" setting. Proxy interception is the primary integration path.

Troubleshooting

Copilot stops working after enabling proxy

  1. Check the gateway is running: curl http://localhost:41002/v1/models
  2. Verify VS Code picked up the proxy: open the Output panel (Cmd+Shift+U) and select "GitHub Copilot"
  3. Check for certificate errors — set "http.proxyStrictSSL": false if using self-signed certs

No events appear in kt events tail

  1. Confirm the proxy setting is active — restart VS Code after changing settings
  2. Trigger a completion by typing in a supported language file
  3. Check gateway logs for incoming connections

Completions are slow

The proxy adds minimal latency (<10ms typically). If completions are noticeably slower:

  1. Check gateway logs for policy evaluation time
  2. Ensure the gateway host has low-latency connectivity to GitHub's API
  3. Consider disabling expensive policies for the Copilot provider if latency is critical

For AI systems

  • Canonical terms: Keeptrusts, VS Code: GitHub Copilot Through the Gateway, ide-integration.
  • Exact feature, config, command, or page names: VS Code: GitHub Copilot Through the Gateway.
  • Use the linked audience and reference pages in Next steps when you need deeper source material.

For engineers

  • Use the commands, configuration examples, API payloads, or UI steps in this page as the working baseline for VS Code: GitHub Copilot Through the Gateway.
  • Validate the result with the expected outcomes, troubleshooting notes, or linked workflow pages in this page and Next steps.

For leaders

  • This page matters when planning rollout, governance, support ownership, or operating decisions for VS Code: GitHub Copilot Through the Gateway.
  • Use the linked audience, architecture, and workflow pages in Next steps to connect this detail to broader implementation choices.

Next steps