Jessie A Ellis
Oct 07, 2025 10:14
GitHub now allows Enterprise Cloud customers to configure a single proxy header for multiple Enterprise Managed Users, enhancing access restrictions across multiple enterprises.
GitHub has announced a significant update for its Enterprise Cloud customers, enabling them to configure a single proxy header to restrict traffic across multiple Enterprise Managed Users (EMU) accounts. This new capability aims to streamline network management and security for organizations with multiple enterprises, according to The GitHub Blog.
Enhanced Access Control
Previously, GitHub’s enterprise access restrictions required a separate configuration for each enterprise ID within a proxy header. This setup was limited to traffic related to specific EMU accounts and GitHub Copilot from github.com. The latest update simplifies this process by allowing a single proxy header to include multiple enterprise IDs, accommodating up to 20 IDs. This change is particularly beneficial for organizations with distinct business entities within the same network due to acquisitions or strategic data classification.
Implementation Process
To leverage these enhanced access restrictions, enterprise owners must follow a set of steps. Each enterprise should enable the “Enterprise access restrictions” setting found under “Authentication security.” Furthermore, network proxies or firewalls must be configured to inject a header formatted as sec-GitHub-allowed-enterprise: ENTERPRISE1-ID, ENTERPRISE2-ID, ... into users’ requests to github.com. This header ensures that GitHub recognizes and permits requests from valid members of any configured EMU enterprises.
Integration with Copilot
The network restrictions will work in conjunction with access rules that allow GitHub Copilot traffic for enterprise-managed users. Different network policies manage Copilot access, controlling which version (Enterprise, Business, or Individual) is permitted on the network. For detailed configuration guidance, GitHub provides resources on managing proxy servers or firewalls for Copilot.
Data Residency Considerations
GitHub also suggests that enterprises exploring EMU or those in early adoption stages consider GitHub Enterprise Cloud with data residency. This option offers a unique subdomain, aiding in differentiating traffic and meeting data residency requirements. Such a solution is optimal for customers needing both network controls and data residency compliance.
For more detailed information on these updates, visit the official announcement on The GitHub Blog.
Image source: Shutterstock
Source: https://blockchain.news/news/github-expands-enterprise-access-restrictions-multiple-accounts