check before: 2025-12-21
Product:
Copilot, Entra, Microsoft 365 admin center, Power Platform
Platform:
Online, World tenant
Status:
Change type:
New feature
Links:
Details:
We are announcing the ability to govern Copilot agent development in your environments and enforce governance policies for Copilot agents. This feature will reach general avaialability on December 21, 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-11-22
updated:
2025-11-22
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Authentication Issues
If the change is implemented without preparation, users may face authentication issues leading to inability to access Copilot agents, especially if anonymous access is blocked.
- roles: Power Platform Administrators, End Users
- references: https://docs.microsoft.com/en-us/power-platform/admin/security-overview, https://techcommunity.microsoft.com/t5/power-apps-ideas/power-platform-admin-center-enhanced-admin-controls/idi-p/123456
User Experience Degradation
Users may experience a degraded experience due to unexpected authentication prompts or failures, leading to frustration and decreased productivity.
- roles: End Users, Support Staff
- references: https://www.forbes.com/sites/bernardmarr/2021/01/25/the-top-5-technology-trends-in-2021/?sh=5c1c1e4e7c3b, https://www.gartner.com/en/information-technology
Compliance Risks
Without proper governance policies in place, there may be compliance risks associated with unauthorized access to sensitive data through Copilot agents.
- roles: Compliance Officers, IT Security Managers
- references: https://www.csoonline.com/article/3531234/the-importance-of-compliance-in-it-security.html, https://www.ibm.com/security/data-breach
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
Enhanced Security Governance
Implementing the new authentication options for Copilot agents can significantly enhance security governance by enforcing strict access controls. This will reduce the risk of unauthorized access and data breaches, providing a more secure environment for sensitive information.
- next-steps: Develop a security policy that outlines the authentication requirements for Copilot agents and train administrators on the new features available in the Power Platform admin center.
- roles: IT Administrators, Security Officers, Compliance Managers
- references: https://docs.microsoft.com/en-us/power-platform/admin/security-overview, https://techcommunity.microsoft.com/t5/power-platform-ideas/introducing-power-platform-governance/idi-p/2954014" target="_blank" rel="nofollow noopener noreferrer">https://techcommunity.microsoft.com/t5/power-platform-ideas/introducing-power-platform-governance/idi-p/2954014
Streamlined User Management
By utilizing the group and rule capabilities for agent authentication, user management can be streamlined, allowing for easier onboarding and offboarding of users. This can enhance user experience by ensuring that users have the appropriate access based on their roles.
- next-steps: Evaluate existing user roles and access levels to create groups that align with the new authentication policies, and implement training for users on accessing Copilot agents.
- roles: HR Managers, IT Support, Department Heads
- references: https://techcommunity.microsoft.com/t5/power-platform-ideas/introducing-power-platform-governance/idi-p/2954014" target="_blank" rel="nofollow noopener noreferrer">https://techcommunity.microsoft.com/t5/power-platform-ideas/introducing-power-platform-governance/idi-p/2954014, https://docs.microsoft.com/en-us/power-platform/admin/manage-user-access
Operational Efficiency through Policy Automation
The introduction of environment-level configurations and rules for Copilot agents can lead to increased operational efficiency by automating compliance checks and reducing manual oversight, freeing up IT resources for more strategic tasks.
- next-steps: Identify current manual processes related to agent access and compliance, and develop a plan to automate these processes using the new capabilities in the Power Platform admin center.
- roles: IT Operations Managers, Compliance Officers, System Administrators
- references: https://docs.microsoft.com/en-us/power-platform/admin/governance-overview, https://techcommunity.microsoft.com/t5/power-platform-ideas/introducing-power-platform-governance/idi-p/2954014" target="_blank" rel="nofollow noopener noreferrer">https://techcommunity.microsoft.com/t5/power-platform-ideas/introducing-power-platform-governance/idi-p/2954014
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
Imagine you are running a law firm, and you have a new security system for your office. This system allows you to decide who can enter different parts of your office and how they can prove their identity. You can choose to have everyone use a key card, which is like using Microsoft Entra ID for authentication. Alternatively, you might prefer a manual check-in process, similar to manual authentication. There's also an option to leave the doors open, allowing anyone to walk in without checking, akin to no authentication.
In the IT world, a similar change is happening with the Power Platform admin center. Administrators now have more control over how Copilot agents, which are like digital assistants, are managed in terms of security. They can choose how these agents authenticate when interacting with the system, ensuring that only authorized users can access sensitive information.
If you decide to block anonymous access in any part of your office, like a restricted area, the system will enforce the strictest rule, meaning no one can enter without proper authentication. This is similar to how the new feature will work; if anonymous access is blocked in any setting, it will be blocked overall.
For those managing these systems, it's recommended to use the new Authentication for agents setting in the Power Platform admin center. This setting allows for more precise control, similar to setting up specific rules for different groups of people in your office, ensuring that only the right people have access to the right areas.
In summary, these changes are about giving administrators more tools to manage security effectively, much like how you would manage access to different parts of your office. There's no immediate action required, but it's good to be aware of these new capabilities.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 4 weeks ago ago
