Describe the bug
With a custom provider configured via COPILOT_PROVIDER_*, copilot -p works login-free, but copilot --acp --stdio gates session/new on a GitHub login (-32000 Authentication required). This is the same class of problem as #3048 (closed completed, said fixed ~1.0.61) and #3902 — the model routing fix from #3048 does not remove the ACP session auth gate. In a fully-private/air-gapped BYOK deployment (public egress denied, no github.com sign-in possible) this makes ACP unusable, even though the interactive/-p path runs fine.
Affected versions: 1.0.61 and 1.0.68 (both fail). Windows, IDE-independent — reproduced with a plain Node stdio JSON-RPC client (no IntelliJ/Zed).
Affected version
1.0.68
Steps to reproduce the behavior
Set COPILOT_PROVIDER_BASE_URL, COPILOT_PROVIDER_TYPE=azure, COPILOT_PROVIDER_API_KEY, COPILOT_MODEL (an OpenAI-compatible/Azure endpoint).
Confirm copilot -p "hi" works login-free with that env.
Spawn copilot --acp --stdio; send initialize (succeeds; authMethods:[copilot-login]), then session/new.
Observe session/new → {"code":-32000,"message":"Authentication required"}.
COPILOT_OFFLINE=true does not change the result.
Attachments: transcripts from acp-byok-repro.mjs for 1.0.61 and 1.0.68 (attached).
acp-byok-repro.mjs.txt
Expected behavior
Expected: When a BYOK provider is configured, --acp should create sessions without a GitHub login, matching -p/interactive behavior. Optionally honor COPILOT_GITHUB_TOKEN/GH_TOKEN/GITHUB_TOKEN or an env-based ACP auth method (per #3161) so headless/air-gapped clients can proceed.
Additional context
No response
Describe the bug
With a custom provider configured via COPILOT_PROVIDER_*, copilot -p works login-free, but copilot --acp --stdio gates session/new on a GitHub login (-32000 Authentication required). This is the same class of problem as #3048 (closed completed, said fixed ~1.0.61) and #3902 — the model routing fix from #3048 does not remove the ACP session auth gate. In a fully-private/air-gapped BYOK deployment (public egress denied, no github.com sign-in possible) this makes ACP unusable, even though the interactive/-p path runs fine.
Affected versions: 1.0.61 and 1.0.68 (both fail). Windows, IDE-independent — reproduced with a plain Node stdio JSON-RPC client (no IntelliJ/Zed).
Affected version
1.0.68
Steps to reproduce the behavior
Set COPILOT_PROVIDER_BASE_URL, COPILOT_PROVIDER_TYPE=azure, COPILOT_PROVIDER_API_KEY, COPILOT_MODEL (an OpenAI-compatible/Azure endpoint).
Confirm copilot -p "hi" works login-free with that env.
Spawn copilot --acp --stdio; send initialize (succeeds; authMethods:[copilot-login]), then session/new.
Observe session/new → {"code":-32000,"message":"Authentication required"}.
COPILOT_OFFLINE=true does not change the result.
Attachments: transcripts from acp-byok-repro.mjs for 1.0.61 and 1.0.68 (attached).
acp-byok-repro.mjs.txt
Expected behavior
Expected: When a BYOK provider is configured, --acp should create sessions without a GitHub login, matching -p/interactive behavior. Optionally honor COPILOT_GITHUB_TOKEN/GH_TOKEN/GITHUB_TOKEN or an env-based ACP auth method (per #3161) so headless/air-gapped clients can proceed.
Additional context
No response