{"meta":{"title":"Setting up Copilot SDK for backend services","intro":"Run GitHub Copilot SDK in server-side applications such as APIs, web backends, microservices, and background workers.","product":"GitHub Copilot","breadcrumbs":[{"href":"/en/copilot","title":"GitHub Copilot"},{"href":"/en/copilot/how-tos","title":"How-tos"},{"href":"/en/copilot/how-tos/copilot-sdk","title":"Copilot SDK"},{"href":"/en/copilot/how-tos/copilot-sdk/set-up-copilot-sdk","title":"Set up Copilot SDK"},{"href":"/en/copilot/how-tos/copilot-sdk/set-up-copilot-sdk/backend-services","title":"Backend services"}],"documentType":"article"},"body":"# Setting up Copilot SDK for backend services\n\nRun GitHub Copilot SDK in server-side applications such as APIs, web backends, microservices, and background workers.\n\n> \\[!NOTE]\n> Copilot SDK is currently in technical preview. Functionality and availability are subject to change.\n\nThe CLI runs as a headless server that your backend code connects to over the network.\n\n**Best for:** Web app backends, API services, internal tools, CI/CD integrations, any server-side workload.\n\n## How it works\n\nInstead of the SDK spawning a CLI child process, you run the CLI independently in **headless server mode**. Your backend connects to it over TCP using the `cliUrl` option. For detailed diagrams of the headless server architecture and how it compares to the default auto-managed CLI, see the `github/copilot-sdk` [repository](https://github.com/github/copilot-sdk/blob/main/docs/setup/backend-services.md#how-it-works).\n\nKey characteristics:\n\n* The CLI runs as a persistent server process, not spawned per request.\n* The SDK connects over TCP—the CLI and app can run in different containers.\n* Multiple SDK clients can share one CLI server.\n* Works with any authentication method (GitHub tokens, environment variables, BYOK).\n\n## Step 1: Start the CLI in headless mode\n\nRun the CLI as a background server.\n\n```shell\n# Start with a specific port\ncopilot --headless --port 4321\n\n# Or let it pick a random port (prints the URL)\ncopilot --headless\n# Output: Listening on http://localhost:52431\n```\n\nFor production, run it as a system service or in a container:\n\n```shell\n# Docker\ndocker run -d --name copilot-cli \\\n -p 4321:4321 \\\n -e COPILOT_GITHUB_TOKEN=\"$TOKEN\" \\\n ghcr.io/github/copilot-cli:latest \\\n --headless --port 4321\n```\n\n```shell\n# systemd\n[Service]\nExecStart=/usr/local/bin/copilot --headless --port 4321\nEnvironment=COPILOT_GITHUB_TOKEN=YOUR-GITHUB-TOKEN\nRestart=always\n```\n\n## Step 2: Connect the SDK\n\n### Node.js / TypeScript\n\n```typescript\nimport { CopilotClient } from \"@github/copilot-sdk\";\n\nconst client = new CopilotClient({\n cliUrl: \"localhost:4321\",\n});\n\nconst session = await client.createSession({\n sessionId: `user-${userId}-${Date.now()}`,\n model: \"gpt-4.1\",\n});\n\nconst response = await session.sendAndWait({ prompt: req.body.message });\nres.json({ content: response?.data.content });\n```\n\n### Python\n\n```python\nfrom copilot import CopilotClient\n\nclient = CopilotClient({\n \"cli_url\": \"localhost:4321\",\n})\nawait client.start()\n\nsession = await client.create_session({\n \"session_id\": f\"user-{user_id}-{int(time.time())}\",\n \"model\": \"gpt-4.1\",\n})\n\nresponse = await session.send_and_wait({\"prompt\": message})\n```\n\n### Go\n\n```golang\nclient := copilot.NewClient(&copilot.ClientOptions{\n CLIUrl: \"localhost:4321\",\n})\nclient.Start(ctx)\ndefer client.Stop()\n\nsession, _ := client.CreateSession(ctx, &copilot.SessionConfig{\n SessionID: fmt.Sprintf(\"user-%s-%d\", userID, time.Now().Unix()),\n Model: \"gpt-4.1\",\n})\n\nresponse, _ := session.SendAndWait(ctx, copilot.MessageOptions{Prompt: message})\n```\n\n### .NET\n\n```csharp\nvar client = new CopilotClient(new CopilotClientOptions\n{\n CliUrl = \"localhost:4321\",\n UseStdio = false,\n});\n\nawait using var session = await client.CreateSessionAsync(new SessionConfig\n{\n SessionId = $\"user-{userId}-{DateTimeOffset.UtcNow.ToUnixTimeSeconds()}\",\n Model = \"gpt-4.1\",\n});\n\nvar response = await session.SendAndWaitAsync(\n new MessageOptions { Prompt = message });\n```\n\n## Authentication for backend services\n\n### Environment variable tokens\n\nThe simplest approach—set a token on the CLI server:\n\n```shell\n# All requests use this token\nexport COPILOT_GITHUB_TOKEN=\"YOUR-SERVICE-ACCOUNT-TOKEN\"\ncopilot --headless --port 4321\n```\n\nReplace `YOUR-SERVICE-ACCOUNT-TOKEN` with your GitHub personal access token or OAuth token for the service account.\n\n### Per-user tokens (OAuth)\n\nPass individual user tokens when creating sessions:\n\n```typescript\n// Your API receives user tokens from your auth layer\napp.post(\"/chat\", authMiddleware, async (req, res) => {\n const client = new CopilotClient({\n cliUrl: \"localhost:4321\",\n githubToken: req.user.githubToken,\n useLoggedInUser: false,\n });\n\n const session = await client.createSession({\n sessionId: `user-${req.user.id}-chat`,\n model: \"gpt-4.1\",\n });\n\n const response = await session.sendAndWait({\n prompt: req.body.message,\n });\n\n res.json({ content: response?.data.content });\n});\n```\n\n### BYOK (no GitHub authentication)\n\nUse your own API keys for the model provider:\n\n```typescript\nconst client = new CopilotClient({\n cliUrl: \"localhost:4321\",\n});\n\nconst session = await client.createSession({\n model: \"gpt-4.1\",\n provider: {\n type: \"openai\",\n baseUrl: \"https://api.openai.com/v1\",\n apiKey: process.env.OPENAI_API_KEY,\n },\n});\n```\n\n## Common backend patterns\n\n### Web API with Express\n\n```typescript\nimport express from \"express\";\nimport { CopilotClient } from \"@github/copilot-sdk\";\n\nconst app = express();\napp.use(express.json());\n\n// Single shared CLI connection\nconst client = new CopilotClient({\n cliUrl: process.env.CLI_URL || \"localhost:4321\",\n});\n\napp.post(\"/api/chat\", async (req, res) => {\n const { sessionId, message } = req.body;\n\n // Create or resume session\n let session;\n try {\n session = await client.resumeSession(sessionId);\n } catch {\n session = await client.createSession({\n sessionId,\n model: \"gpt-4.1\",\n });\n }\n\n const response = await session.sendAndWait({ prompt: message });\n res.json({\n sessionId,\n content: response?.data.content,\n });\n});\n\napp.listen(3000);\n```\n\n### Background worker\n\n```typescript\nimport { CopilotClient } from \"@github/copilot-sdk\";\n\nconst client = new CopilotClient({\n cliUrl: process.env.CLI_URL || \"localhost:4321\",\n});\n\n// Process jobs from a queue\nasync function processJob(job: Job) {\n const session = await client.createSession({\n sessionId: `job-${job.id}`,\n model: \"gpt-4.1\",\n });\n\n const response = await session.sendAndWait({\n prompt: job.prompt,\n });\n\n await saveResult(job.id, response?.data.content);\n await session.disconnect(); // Clean up after job completes\n}\n```\n\n### Docker Compose deployment\n\n```yaml\nversion: \"3.8\"\n\nservices:\n copilot-cli:\n image: ghcr.io/github/copilot-cli:latest\n command: [\"--headless\", \"--port\", \"4321\"]\n environment:\n - COPILOT_GITHUB_TOKEN=${COPILOT_GITHUB_TOKEN}\n ports:\n - \"4321:4321\"\n restart: always\n volumes:\n - session-data:/root/.copilot/session-state\n\n api:\n build: .\n environment:\n - CLI_URL=copilot-cli:4321\n depends_on:\n - copilot-cli\n ports:\n - \"3000:3000\"\n\nvolumes:\n session-data:\n```\n\n## Health checks\n\nMonitor the CLI server's health:\n\n```typescript\n// Periodic health check\nasync function checkCLIHealth(): Promise {\n try {\n const status = await client.getStatus();\n return status !== undefined;\n } catch {\n return false;\n }\n}\n```\n\n## Session cleanup\n\nBackend services should actively clean up sessions to avoid resource leaks:\n\n```typescript\n// Clean up expired sessions periodically\nasync function cleanupSessions(maxAgeMs: number) {\n const sessions = await client.listSessions();\n const now = Date.now();\n\n for (const session of sessions) {\n const age = now - new Date(session.createdAt).getTime();\n if (age > maxAgeMs) {\n await client.deleteSession(session.sessionId);\n }\n }\n}\n\n// Run every hour\nsetInterval(() => cleanupSessions(24 * 60 * 60 * 1000), 60 * 60 * 1000);\n```\n\n## Limitations\n\n| Limitation | Details |\n| ----------------------------------------------- | --------------------------------------------------------------- |\n| **Single CLI server = single point of failure** | Consider high-availability patterns for production deployments. |\n| **No built-in auth between SDK and CLI** | Secure the network path (same host, VPC, etc.). |\n| **Session state on local disk** | Mount persistent storage for container restarts. |\n| **30-minute idle timeout** | Sessions without activity are automatically cleaned up. |\n\n## Next steps\n\n* For installation and your first message, see [Getting started with Copilot SDK](/en/copilot/how-tos/copilot-sdk/sdk-getting-started).\n* For information about resuming sessions across restarts, see [Session Persistence](https://github.com/github/copilot-sdk/blob/main/docs/features/session-persistence.md) in the `github/copilot-sdk` repository.\n* For information about adding user authentication, see [GitHub OAuth](https://github.com/github/copilot-sdk/blob/main/docs/setup/github-oauth.md) in the `github/copilot-sdk` repository."}