GitHub Copilot: Content Exclusion REST API Now in Public Preview

Programmatic Content Exclusion Management

GitHub has released a new REST API in public preview that allows organization and enterprise administrators to programmatically manage Copilot content exclusion rules. Content exclusion rules control which files and directories are prevented from being used as context for Copilot suggestions, ensuring that sensitive code, proprietary algorithms, or compliance-restricted content is never sent to AI models.

Prior to this API, content exclusion rules could only be managed through the GitHub web UI, requiring administrators to manually navigate to organization settings and update rules one at a time. The new REST API enables automation of exclusion rule management, making it possible to integrate content exclusion into existing infrastructure-as-code workflows, CI/CD pipelines, and compliance automation systems.

API Capabilities

The REST API supports full CRUD operations on content exclusion rules at both the organization and enterprise levels. Administrators can list existing rules, create new rules, update existing rules, and delete rules that are no longer needed. Each rule specifies a pattern — a file path, directory path, or glob pattern — that identifies the content to exclude.

The API also supports bulk operations, allowing administrators to create or update multiple rules in a single request. This is particularly useful for organizations that need to synchronize exclusion rules across multiple repositories or that maintain exclusion lists in external configuration management systems.

Integration with Existing Workflows

The API is designed to integrate with existing GitHub automation patterns. It uses the same authentication mechanisms (personal access tokens, GitHub Apps, fine-grained tokens) and follows the same REST conventions as other GitHub APIs. Organizations that already manage GitHub configuration programmatically through Terraform, Pulumi, or custom scripts can extend their existing automation to include Copilot content exclusion rules.

Webhook support for content exclusion changes is included in the preview, enabling organizations to trigger downstream workflows when exclusion rules are modified — for example, notifying security teams when a previously excluded directory is removed from the exclusion list.

Availability

The Content Exclusion REST API is available in public preview for all GitHub Enterprise Cloud organizations with Copilot Business or Enterprise licenses. The API is accessible through the standard GitHub REST API endpoint and is documented in the GitHub REST API reference.