Identify who requested Copilot for our organization

[stevepiercy]

Select Topic Area

Question

Body

We are a collective of FOSS programmers. As an organization we do not want to purchase Copilot, because it would be insanely expensive for all our members.

However 2 individuals that we cannot identify have requested that we buy Copilot for the organization. I would like to identify them and tell them that they may purchase an individual license. I already looked into our audit logs per https://docs.github.com/en/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization, but could not find the magic keyword that solves this identification issue.

I would also like to prevent organization members from making this request in the first place.

Finally I would like to remove the notifications for these request entirely go away.

Please let me know. Thank you!

[b8zeek]

You can reach out to the GitHub Support directly, they can help with this as they should be able to assist you with your questions about organization management and notifications. There is no way for you to identify those two members.

As for preventing organization members from making that kind of requests, I do not think that GitHub currently offers a feature to restrict members from requesting it. You might consider creating a policy within your organization and communicating it to your members. That might be the right and transparent way, a human way. 🙂

Hope this solves it for you. 🍺

🍀

[stevepiercy]

I did reach out to GitHub, and they won't help.

Any policy has to be published wherever those buttons to request Copilot exists, for example: "Don't click the button below because our organization cannot afford to pay for your license. You can buy one for your personal use instead."

This answer does not allow me to tell the requestors that they may purchase an individual license. Our organization will never purchase a license. If GitHub wants to push Copilot licenses, this would be a good way to have other people do their marketing for them.

[AftonSpiegel]

From Organization settings -> requests from members -> button that says 'unwatch' you can set the notification preferences.

[BridgeAR]

That is not a solution, as it only prevents the notification from going out to you about the request but neither does it prevent the request itself, not does it allow to deny the request.

[deviantintegral]

This is frustrating. As an org admin, you can't even follow the "happy path" of reaching out to team members and letting them know you're investigating their request. And in the case where org policy means you may never add this addon, you're just going to end up with confused team members.

This feels like a dark pattern, and I'm sad to see it bleed into the UI. With other apps (such as Slack integrations) you can at least deny the request and move on.

I'm going to reach out to support to express my displeasure, and suggest others do the same.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[romikoops]

+1

[nuclearcat]

Same here, we need to have proper audit on such things

[darkfishy]

+1

[raf202]

It's a way of Microsoft pressuring admins to buy add-ons or "anonymous" devs will be sad and improductive. Shady marketing practice, the fact that that they built a whole github feature around it is concerning.

I did the only solution possible right now: Unwatched these notifications and notified all devs to request directly to me.

[p-t-u]

Bump.

Github, you know the right thing to do here. This is obviously a growth hack. Ignoring this ticket for several months is not a good look.

[nicholasrolstad]

There is no solution because it's working as intended as far as Microsoft/GitHub are concerned. They want you to (falsely) believe that someone on your team made this request so that you purchase their product.

They obviously don't want to just come out and say this, so better to mark it resolved and continue to ignore anybody who questions their authority to lie to you in an attempt to get your money.

[rahul-gundecha]

+1

[orovadianavina]

same problem here 🤷🏿‍♂️

[claurau]

+1

[os-pling]

Ours also says 2 requested with no way of knowing who requested so we could follow up.

[ralleman-quasarsat]

Since the request feature is crippled in github, I've asked staff to come to me directly with the request.

[fs-nlober]

This is problematic for us, too. We never requested this feature, and it feels scummy that MS is trying to shove more AI tooling down our throats.

[bhagdave]

I did wonder how long it would be before the dark arts of Microsoft hit GitHub. Well here we are. Bizarre requests that nobody has made and no way of getting rid of them.

[jjuelotc]

Still a problem and creates a negative experience for enterprise and organization owners if they choose not to enable copilot.

If I have copilot disabled at either the enterprise or organization level, I don't think Microsoft should be allowed to advertise paid features directly to my users through the enterprise application I am owner of have have decided not to enable said features on.

[nicholasrolstad]

Do not resist. Microsoft knows best. You shall bend to their will.

…

________________________________ From: Jared Juel ***@***.***> Sent: Wednesday, March 12, 2025 9:17:50 AM To: community/community ***@***.***> Cc: Nicholas Rolstad ***@***.***>; Comment ***@***.***> Subject: Re: [community/community] Identify who requested Copilot for our organization (Discussion #73264) Still a problem and creates a negative experience for enterprise and organization owners if they choose not to enable copilot. If I have copilot disabled at either the enterprise or organization level, I don't think Microsoft should be allowed to advertise paid features directly to my users through the enterprise application I am owner of have have decided not to enable said features on. — Reply to this email directly, view it on GitHub<#73264 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AF3QAOIUCV2A5NOX35PWXOD2UBM25AVCNFSM6AAAAAA63NPIPWVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTENBXG4ZTCOI>. You are receiving this because you commented.Message ID: ***@***.***>

[rtek]

Ran into this today. We thought it was a security breach since noone requested it to our knowledge.

Considering this hostile ux to push copilot licenses. Shame on you MS.

[pgunn]

@alexlato22 Any news on this?

[pgunn]

@Akash1134 Any chance you can push for this to be fixed soon? It's been almost a year and a half.

[pgunn]

@mariorod Please fix this.

[carloalbertobarbano]

Yes please

[robe2]

Yes please

[matebe12]

좋지 못한 마케팅 수법이네요

[coke]

The question is marked as answered, but the answer is not acceptable.

[pgunn]

@alexlato22 Any news on this?

[vanga]

I want to give a medal to the Product person at Github who decided to implement it this way in the first place. Such a dark pattern. This still exists after years of people compalining for no sane reason.

[erinmcooper]

Where is the real solution on this?

[nicholasrolstad]

There is no solution because it's working as intended as far as Microsoft/GitHub are concerned. They want you to (falsely) believe that someone on your team made this request so that you purchase their product.

They obviously don't want to just come out and say this, so better to mark it resolved and continue to ignore anybody who questions their authority to lie to you in an attempt to get your money.