April 22, 2026 Microsoft is preparing to move GitHub Copilot to a token-based billing model, replacing its current request-based pricing structure. The change is expected to raise costs for many users while aligning pricing more directly with compute usage as Copilot’s operating expenses rise.

Internal documents indicate the shift has become more urgent as the cost of running Copilot has nearly doubled week over week since January. Under the new model, users will be charged based on the number of tokens processed, including both input prompts and generated output, rather than a fixed number of requests.

Today, Copilot’s Pro tier offers 300 requests per month, with additional requests available for purchase. However, a single request can consume multiple tokens depending on the model and prompt complexity, making token-based billing a more granular and potentially more expensive pricing mechanism.

The move reflects a broader transition away from subsidized AI usage. Microsoft has been absorbing much of the compute cost behind Copilot and other AI services, but the shift suggests a recalibration as usage scales. Planned changes include removing Anthropic’s Opus models from the standard Pro tier and reserving them for the higher-priced Pro+ plan, alongside tighter rate limits for some Business and Enterprise users. Trials for paid individual plans are also being suspended as the company attempts to limit abuse.

For developers, the change introduces a different cost model that ties directly to behaviour. Longer prompts, more complex queries, and larger outputs will all increase token consumption. This could encourage more efficient usage patterns, but it also adds a layer of cost management that did not exist under request-based pricing. Teams may need to revisit budgeting assumptions and adjust workflows to avoid unpredictable spending.

Alongside pricing changes, GitHub is introducing a set of security upgrades aimed at tightening control across development environments. These include removing SHA-1 from HTTPS connections, introducing scoped secrets to limit credential exposure, and enabling deterministic dependency locking in GitHub Actions. The platform is also adding more centralized execution policies and outbound network controls to reduce implicit trust in CI/CD pipelines.

These updates signal a broader shift in how AI-powered developer tools are packaged and sold. Pricing is moving closer to underlying compute economics, while platform-level controls are expanding to manage risk at scale. For teams already embedding AI into development workflows, both cost visibility and operational discipline are becoming part of the toolchain.