Build what's next on GitHub, the place for anyone from anywhere to build anything.
Join us October 28-29 in San Francisco or online for GitHub Universe, our flagship developer event uniting people, agents, and the world's code.
Upgrade from a local MCP Docker image to GitHub’s hosted server and automate pull requests, continuous integration, and security triage in minutes — no tokens required.
Running the Model Context Protocol (MCP) server locally works, but managing Docker, rotating access tokens, and pulling updates is a hassle. GitHub’s managed MCP endpoint eliminates these infrastructure headaches, letting you focus on what you love — shipping code.
In this 201-level tutorial, we’ll walk through upgrading from the local MCP setup to GitHub’s managed endpoint. You’ll get OAuth authentication, automatic updates, and access to toolsets that open the door to richer AI workflows you simply can’t pull off with a bare‑bones local runtime.
You’ll also learn how to customize tool access with read-only modes, streamline your AI workflows with dynamic toolsets, and get ready for agent-to-agent collaboration using GitHub Copilot.
Instead of wrestling with Docker and personal access tokens on your machine, you point your IDE or agent host to https://api.githubcopilot.com/mcp/ and authenticate once with OAuth. GitHub handles the rest.
With our server, we enable the following toolsets by default, but you can disable anything you don’t need with a simple flag when you start the server:
Running the open source MCP server locally works, but it carries hidden costs. Here’s what changes when you go remote:
| Local Docker server | Hosted MCP endpoint |
|---|---|
| Maintain a Docker image, upgrade manually | GitHub patches and upgrades automatically |
| Manage personal‑access tokens (PATs) | Sign in once with OAuth; scopes handled for you |
| Expose the server on localhost only | Reachable from any IDE or remote‑dev box |
| Full write access unless you customise the binary | Built-in read‑only switch and per‑toolset flags |
If you need an air‑gapped environment, stick with local. For most teams, the hosted server eliminates infrastructure work and lets you focus on automation. With that, let’s dive in.
https://api.githubcopilot.comSetting up GitHub’s remote MCP server server is a breeze compared to local Docker-based installations. Hosted by GitHub, it eliminates the need for managing Docker containers or manually handling updates, offering a streamlined, cloud-native experience.
> GitHub MCP: Install Remote ServerSet the server URL to: https://api.githubcopilot.com/mcp/
Then authenticate when prompted.
If you see 200 OK, you’re good to go.
Once installed, the remote server replaces the local one, and you’re ready to roll. That means no more Docker or tokens, just a simple integration.
Working in a sensitive environment? Testing in production? Demoing to stakeholders? Flip the server to read-only mode:
The agent can read issues, pull requests, and code but can’t push changes. Perfect for code reviews where you want context without risk.
Need to review pull requests without modifying anything? This setup gives you safe, read-only access — perfect for browsing changes, leaving comments, or gathering context without risk of altering code.
You’ll now see tools like listPullRequests, getPullRequest, and searchPullRequests, but no write access. And since these tools don’t make changes, VS Code skips the permission prompts for a seamless experience.
Keep both developers and agents focused by exposing only the tools you need with the following command:
Add this array next to the mode field to hide everything else.
Want to see how Copilot agent mode works in practice? These real-world examples show how the agent can handle everyday developer tasks — like managing pull requests, debugging workflows, and triaging security alerts — without needing local setup or manual digging. Just prompt and go.
"Add a CODEOWNERS file for /api/** assigning @backend-team, then open a draft pull request."repos.create_file to add the CODEOWNERS file.pull_requests.open to create the pull request.pull_requests.request_reviewers to assign reviewers.No local cloning, no manual file creation. Just prompt and ship.
Prompt: _“Why did the release.yml job fail last night?”
_The agent pulls logs with actions.get_workflow_run_logs, analyzes the stack trace, and suggests fixes. It’s like having a senior engineer review your CI/CD failures.
Prompt: “List critical Dependabot alerts across all my repos and create issues for each.”
The server returns alerts via dependabot.list_dependabot_alerts, then the agent creates focused issues only where needed.
| Symptom | Likely cause | Fix |
|---|---|---|
| 401 Unauthorized on install | Left‑over GITHUB_TOKEN env var | Unset the var and rerun OAuth flow |
| Tools don’t appear | Corporate proxy blocks api.githubcopilot.com | Add proxy settings or allowlist the domain |
| Model times out | Large toolset enabled | Restrict to needed toolsets only |
The GitHub MCP server is actively evolving. Here’s what’s coming next:
Soon, the MCP server will detect and block AI-generated secrets, just like GitHub prevents you from pushing secrets in pull requests. You can override if needed, but the default protects your data, whether from a prompt injection or by accident.
Direct integration with Copilot’s coding agent means you’ll be able to:
The future is agents collaborating with agents, and GitHub MCP is the foundation.
The GitHub MCP project is fully open source and growing fast.
📌 Explore the repo: See how tools are built and contribute your own.
📌 File issues: Help shape the protocol and tooling.
📌 Join discussions: Connect with other builders on GitHub and Discord.
Whether you’re building tools, providing feedback, or exploring AI-powered development, there’s a place for you in the MCP ecosystem.
The GitHub remote MCP server removes infrastructure overhead so you can focus on building better automations. No more Docker babysitting, no more token rotation, just OAuth once and start shipping.
Remember: the best infrastructure is the infrastructure you don’t have to manage.
Read the full documentation to get started, or dive into the examples above and start experimenting today.
Read our guide to building secure and scalable remote MCP servers >