Skip to main content
Environment variables let you configure Copilot API without editing files, which is useful for Docker containers, scripted setups, and any environment where interactive prompts are not available. Variables are read at startup; changing them requires a server restart.

Variable reference

VariableDescriptionDefault
GH_TOKENGitHub personal access token. Skips the interactive OAuth flow. Must be a token generated by the auth subcommand.None
COPILOT_API_HOMECustom data directory for tokens, config.json, and admin.sqlite. Equivalent to --api-home.~/.local/share/copilot-api (Linux/macOS) or %USERPROFILE%\.local\share\copilot-api (Windows)
COPILOT_API_OAUTH_APPOAuth app identifier. Set to opencode to use the opencode GitHub Copilot OAuth app. Equivalent to --oauth-app.None (uses the default Copilot app)
COPILOT_API_ENTERPRISE_URLGitHub Enterprise hostname (e.g. company.ghe.com). Equivalent to --enterprise-url.None
ADMIN_TOKENToken required to access the Admin UI and Admin API from non-loopback addresses. When not set, admin routes are only accessible from localhost, 127.0.0.1, or ::1.None
ANTHROPIC_API_KEYAnthropic API key for accurate Claude token counting. Equivalent to anthropicApiKey in config.json. The token counting endpoint is free; a $5 minimum balance is required only to activate API access.None
COPILOT_API_KEYDeprecated. Legacy single API key for request authentication. Prefer auth.apiKeys in config.json. Used only when auth.apiKeys is empty.None
HTTP_PROXYHTTP proxy URL. Applied when you start the server with the --proxy-env flag.None
HTTPS_PROXYHTTPS proxy URL. Applied when you start the server with the --proxy-env flag.None

Usage examples

Providing a GitHub token directly

Useful in Docker or CI environments where interactive device-code authentication is not possible: 
GH_TOKEN=ghp_your_token npx @nick3/copilot-api@latest start

Setting a custom data directory

COPILOT_API_HOME=/opt/copilot-data npx @nick3/copilot-api@latest start

Using opencode OAuth

COPILOT_API_OAUTH_APP=opencode npx @nick3/copilot-api@latest start

Connecting to GitHub Enterprise

COPILOT_API_ENTERPRISE_URL=company.ghe.com npx @nick3/copilot-api@latest start

Enabling remote admin access

ADMIN_TOKEN=your_secure_token npx @nick3/copilot-api@latest start
Once set, include the token in admin requests as x-admin-token: <token> or Authorization: Bearer <token>.

Enabling Claude token counting

ANTHROPIC_API_KEY=sk-ant-... npx @nick3/copilot-api@latest start

Using a proxy

HTTPS_PROXY=http://proxy.example.com:8080 npx @nick3/copilot-api@latest start --proxy-env
Proxy variables (HTTP_PROXY, HTTPS_PROXY) are only read when you pass the --proxy-env flag to the start command. Without that flag, proxy settings are ignored even if the variables are set.

Variable precedence for API keys

When determining which API keys to enforce, the server checks in this order:
  1. auth.apiKeys in config.json (preferred)
  2. COPILOT_API_KEY environment variable (deprecated fallback)
  3. apiKey field in config.json (deprecated fallback)
If none of these are set, authentication is disabled and all requests are accepted.

Docker compose example

services:
  copilot-api:
    build: .
    ports:
      - "4141:4141"
    environment:
      - GH_TOKEN=your_github_token_here
      - ADMIN_TOKEN=your_admin_token_here
      - ANTHROPIC_API_KEY=sk-ant-...
    volumes:
      - ./copilot-data:/root/.local/share/copilot-api
    restart: unless-stopped
Never commit files containing GH_TOKEN, ADMIN_TOKEN, or ANTHROPIC_API_KEY to source control. Use secrets management or environment injection provided by your deployment platform.