Manage AI settings in enterprise environments

VS Code provides AI-powered development capabilities through GitHub Copilot, including agent mode, MCP servers, and chat tools. Organizations can centrally manage these features to control AI behavior, enforce security policies, and maintain compliance across their development teams.

This article covers the AI-related settings that IT admins can manage through enterprise policies.

Users can control the functionality and behavior of AI features through VS Code settings. Organizations can enforce specific configurations by deploying enterprise policies via device management solutions. These policies override user-configured settings on managed devices.

Learn how to deploy policies for VS Code to your organization's devices.

Enable or disable the use of agents

Agents enable the AI to autonomously perform tasks like editing files, running terminal commands, and using tools. Agents enable developers to provide a high-level requirement and have the AI assistant analyze, plan, and execute the necessary steps to achieve that goal.

To disable agents entirely, set the ChatAgentMode policy to false. This configures the chat.agent.enabledORG setting in VS Code.

The Agent option will not be available in the agents dropdown in the Chat view when this policy is applied. Developers can still use ask or edit for code explanations and file edits, but autonomous code generation and task execution are not available.

Enable or disable extension language tools

Tools in chat extend the AI assistant's capabilities with specialized functions. These tools can come from built-in features, Model Context Protocol (MCP) servers, or third-party extensions.

Third-party extensions can contribute tools that integrate with chat by using the Language Model Tools API.

To prevent developers from using extension-contributed tools while still allowing built-in tools and MCP tools, set the ChatAgentExtensionTools policy to false. This configures the chat.extensionTools.enabledORG setting in VS Code.

Configure MCP server access

Model Context Protocol (MCP) servers extend chat with external tools and services. Organizations can control which MCP servers developers can use through both GitHub organization settings and VS Code policies.

Restrict MCP server sources

The ChatMCP policy controls which sources MCP servers can be installed from. This configures the chat.mcp.accessORG setting in VS Code.

The following values are supported:

Configure a custom MCP registry

You can host a private MCP server registry for your organization and configure VS Code to use it through the McpGalleryServiceUrl policy. This enables you to:

• Provide a curated list of approved MCP servers
• Host internal MCP servers for your organization
• Block access to the public GitHub MCP registry

When configured, developers see MCP servers from your custom registry in the Extensions view when they enter @mcp in the search field.

Organizations with GitHub Copilot Enterprise or Business can also configure MCP server access through GitHub organization settings.

Configure agent tool approvals

Agent tools can perform actions that modify files, run commands, or access external services. VS Code includes approval prompts for potentially risky operations. Organizations can enforce stricter approval requirements or disable auto-approval entirely.

Learn more about tool approval in VS Code.

Disable global auto-approval

The ChatToolsAutoApprove policy controls the global auto-approval setting, also known as "YOLO mode". When enabled, the AI assistant can execute all tools without manual approval. This is not recommended for security reasons.

To prevent developers from enabling global auto-approval, set the ChatToolsAutoApprove policy to false. This configures the chat.tools.global.autoApproveORG setting in VS Code.

Require manual approval for specific tools

The ChatToolsEligibleForAutoApproval policy controls which tools can be auto-approved. Tools set to false always require manual approval and cannot be auto-approved by users.

Configure this policy with a JSON object that lists tool names and their approval eligibility. This configures the chat.tools.eligibleForAutoApprovalORG setting in VS Code.

The following JSON snippet shows an example configuration that requires manual approval for task execution, URL fetching, and terminal commands:

{
  "runTask": false,
  "fetch": false,
  "runInTerminal": false
}

Configure terminal auto-approval

The ChatToolsTerminalEnableAutoApprove policy specifically controls the rule-based auto-approval system for terminal commands. When enabled, VS Code applies a set of rules to automatically approve safe commands while prompting for potentially dangerous ones.

To disable terminal auto-approval entirely, set the policy to false. This configures the chat.tools.terminal.enableAutoApproveORG setting in VS Code.

Configure Copilot code review

Copilot code review enables AI-powered review of code changes. Organizations can control access to these features.

The CopilotReviewSelection policy controls whether developers can request code review for selected code in the editor. This configures the github.copilot.chat.reviewSelection.enabledORG setting in VS Code.

The CopilotReviewAgent policy controls access to the Copilot code review agent for reviewing pull requests and changed files. This configures the github.copilot.chat.reviewAgent.enabledORG setting in VS Code.

Security considerations

AI-powered development features can autonomously perform actions with user-level permissions. Refer to the security documentation for a comprehensive overview of AI security considerations and best practices.

Related resources

• Enterprise policies reference - Complete list of enterprise policies
• Use tools in chat - Learn how tools work in VS Code chat
• MCP servers in VS Code - Configure and use MCP servers
• AI security considerations - Security best practices for AI features