Skip to content

VS Code Github Copilot calling create_pull_request_with_copilot on remote MCP using fine-grained PAT gets 401 #942

New issue
New issue
Open
Open
VS Code Github Copilot calling create_pull_request_with_copilot on remote MCP using fine-grained PAT gets 401#942
Labels
bugSomething isn't working
@JuanjoFuchs

Description

@JuanjoFuchs
JuanjoFuchs
opened on Aug 21, 2025

Describe the bug

The create_pull_request_with_copilot function from the remote GitHub MCP server (https://api.githubcopilot.com/mcp/x/copilot) consistently returns "API returned status 401: Unauthorized" even when authentication appears to be properly configured. This affects the ability to create pull requests programmatically through GitHub Copilot's MCP integration.

Affected version

Remote GitHub MCP Server: https://api.githubcopilot.com/mcp/x/copilot
(This is the hosted service, not the self-hosted Docker version)

Steps to reproduce the behavior

  1. Create fine grained PAT

    Repository access
 This token has access to all repositories owned by the organization.
Organization permissions
 Read access to organization administration, organization copilot seat management, and organization private registries
Repository permissions
 Read access to metadata
 Read and Write access to actions, administration, code, codespaces, issues, pull requests, and workflows

  2. Make sure the owner of the PAT has a copilot seat and the copilot coding agent is enabled for the target repositories

    • I was able to assign a task to the coding agent using github.com UI in the target repo and get a pull request from it.

  3. Make sure other tools work with the PAT

    • I tested list_branches on the target repositories with the PAT and it worked

  4. Configure VS Code with GitHub Copilot authentication a the remote MCP server at https://api.githubcopilot.com/mcp/x/copilot

    "github_copilot": {
    "type": "http",
    "url": "https://api.githubcopilot.com/mcp/x/copilot",
    "headers": {
     "Authorization": "Bearer ${github_pat}"
    }
},

  5. Call mcp_github_copilo_create_pull_request_with_copilot with valid parameters:

    {
    "owner": "org",
    "repo": "repo", 
    "base_ref": "release/2025.8.21",
    "title": "Fix bug",
    "problem_statement": "Fix this bug..."
}

  6. Observe the 401 Unauthorized error response

    {
    "kind": "toolInvocationSerialized",
    "invocationMessage": {
    "value": "Running Perform task with GitHub Copilot coding agent",
    "isTrusted": false,
    "supportThemeIcons": false,
    "supportHtml": false
    },
    "pastTenseMessage": {
    "value": "Ran Perform task with GitHub Copilot coding agent ",
    "isTrusted": false,
    "supportThemeIcons": false,
    "supportHtml": false
    },
    "originMessage": {
    "value": "[github\\_copilot \\(MCP Server\\)](command:workbench.mcp.showConfiguration?%255B%2522mcp.config.usrlocal%2522%252C%2522mcp.config.usrlocal.github_copilot%2522%255D)",
    "isTrusted": true,
    "supportThemeIcons": false,
    "supportHtml": false
    },
    "isConfirmed": true,
    "isComplete": true,
    "resultDetails": {
    "input": "{\n  \"owner\": \"org\",\n  \"repo\": \"repo\",\n  \"base_ref\": \"release/2025.8.21\",\n  \"title\": \"Fix bug\",\n  \"problem_statement\": \"Fix bug...\"\n}",
    "output": [
        {
        "type": "embed",
        "isText": true,
        "value": "API returned status 401: Unauthorized\n"
        }
    ],
    "isError": true
    },
    "toolSpecificData": {
    "kind": "input",
    "rawInput": {
        "owner": "org",
        "repo": "repo",
        "base_ref": "release/2025.8.21",
        "title": "Fix bug",
        "problem_statement": "Fix bug..."
    }
    },
    "toolCallId": "eb01d33e-8afb-4b0e-b014-5a1150131e91",
    "toolId": "mcp_github_copilo_create_pull_request_with_copilot"
}

Expected vs actual behavior

Expected: The function should successfully create a pull request using GitHub Copilot's PR creation capabilities, returning a success response with the PR URL.

Actual: The function returns "API returned status 401: Unauthorized" indicating authentication failure, despite having valid GitHub Copilot authentication configured in VS Code.

Additional Context

  • Using the remote GitHub MCP server at https://api.githubcopilot.com/mcp/x/copilot (not Docker version)
  • The create_pull_request_with_copilot function is only available in this remote server, not in the self-hosted version
  • GitHub Copilot is properly authenticated in VS Code and other Copilot features work correctly
  • Other GitHub MCP functions from the repos server (https://api.githubcopilot.com/mcp/x/repos) work correctly with the same authentication setup
  • The issue appears to be specific to the Copilot MCP server endpoint or the PR creation function
  • This blocks automated workflows that depend on programmatic PR creation through Copilot
  • The error suggests either insufficient permissions for the Copilot service or an issue with the authentication flow between the MCP client and the remote Copilot server

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions