Setting permissions for AI Autodetection
On this page
To activate AI Code Autodetection, a SonarQube Cloud Organization Administrator must first check that the feature is enabled.
Then, a DevOps platform administrator must set the correct permission level in your AI-powered web service. For specific instructions in your DevOps platform, please refer to the applicable section below.
GitHub Copilot Business
When a SonarCloud administrator activates AI Code Autodetection for a SonarCloud organization, GitHub Copilot Business app administrators will receive an email notification to review the SonarCloud App's permission request. The App administrator should review the request and accept the Read-only access to GitHub Copilot Business.
With access to your GitHub Copilot Business App, SonarQube Cloud can evaluate users' GitHub Copilot usage and code contribution patterns to identify potential AI-generated code. If there is a match in user data, SonarQube Cloud will display the 
AI code detected status on the project’s Overview and Project Information pages.
SonarQube Cloud does not retroactively check older code from previous commits. In addition, projects that have the 
label applied by a Quality Standard administrator will be excluded from automatic AI code detection.
If the GitHub Copilot Business and Enterprise account administrator chooses to ignore the request, Sonar's AI Code Autodetection will be turned on, but not be activated.
Related pages
- Overview of SonarCloud's AI capabilities
- AI Code Autodetection
- Using AI CodeFix to get AI-generated fix suggestions
- To learn about AI Code Assurance:
Was this page helpful?
© 2008-2025 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
