Setting permissions for AI autodetection
On this page
To activate AI Code Autodetection, a SonarQube Server Instance Admin must first check that the feature is enabled.
Then, a DevOps platform administrator must set the correct permission level in your AI-powered web service. For specific instructions in your DevOps platform, please refer to the applicable section below.
GitHub Copilot Business
When a SonarQube Server administrator activates AI Code Autodetection for a instance of SonarQube Server, GitHub Copilot Business app administrators must enable the GitHub integration. See Step 2: Enable your GitHub integration, for the complete details. Once enabling the integration in GitHub, the GitHub Copilot Business app administrator will receive an will receive an email notification to confirm the SonarQube App's permission request.
With access to your GitHub Copilot Business App, SonarQube Server can evaluate users' GitHub Copilot usage and code contribution patterns to identify potential AI-generated code. If there is a match in user data, SonarQube Server will display the 
AI code detected status on the project’s Overview and Project Information pages. The GitHub organization connected to Copilot should match the organization bound to SonarQube Server.
SonarQube Server does not retroactively check older code from previous commits. In addition, projects that have the 
label applied by a Quality Standard administrator will be excluded from automatic AI code detection.
If the GitHub Copilot Business and Enterprise account administrator chooses to ignore the request, Sonar's AI Code Autodetection will be turned on, but not be activated.
Related pages
- Overview of AI capabilities
- Setting up AI code autodetection
- Setting quality standards for AI Code Assurance
- Learning about AI CodeFix to get AI-generated fix suggestions
Was this page helpful?
© 2008-2025 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
