Remote GitHub MCP Server is now generally available
The remote GitHub MCP Server is now generally available. We’ve introduced OAuth-based authentication, expanded tooling, and improved security guardrails.
Improvements & updates
🔐 Production authentication
The GitHub MCP Server now supports OAuth 2.1 + PKCE with integration into all first-party Copilot IDEs (VS Code, Visual Studio, JetBrains, Eclipse, Xcode) as well as Cursor, providing a simpler and faster alternative to using personal access tokens (PATs). It’s also more secure than PATs with automatic token refresh and short-lived credentials. More third-party host apps are coming soon.
Additionally, the single “MCP servers in Copilot” policy now provides centralized control over MCP access across all Copilot environments.
Note: With general availability, the “Copilot editor preview policy” no longer controls OAuth access to the remote GitHub MCP Server.
🚀 Premium tools
The GitHub MCP server has added powerful capabilities that integrate deeply with GitHub’s advanced features, available with the appropriate paid licenses.
The Copilot Coding Agent tool brings autonomous development to your MCP workflows. Delegate tasks like bug fixes, feature implementations, or test improvements, and Copilot works independently in its own development environment behind the scenes. Coding Agent will create branches, write and edit code, run tests, and then open a pull request when the workflow is complete.
Secret scanning with push protection is now available for all public repositories at no cost, automatically detecting and blocking secrets in tool call inputs, with the option to bypass if needed. Coming soon, this same protection will extend to private GHAS-enabled repositories.
Code scanning alerts are now integrated, giving you direct access to security findings in GHAS-enabled repositories. This helps ensure vulnerabilities are caught early in the development process.
🛠️ New & improved tools
We’ve expanded the remote GitHub MCP Server’s capabilities to cover more of your daily GitHub workflows:
- Security advisories (org, repo, and global levels)
- Sub-issue management (add, list, remove, reprioritize)
- Pull request workflow improvements (draft toggle, reviewer requests)
- Enhanced gists and discussions support
- Improved session management and pagination
Why it matters
Reduce context switching between GitHub and your AI tools. The remote GitHub MCP Server enables AI assistants to work directly with your GitHub data through structured tool interactions. Whether you’re using GitHub Copilot, Claude Code, Cursor, or any MCP-compatible host, your agents can search repositories, manage issues, review pull requests, and more.