azure
24 TopicsWhy Your Copilot Studio Agent Fails in Production (And How to Fix It)
Most Copilot Studio tutorials show you how to build a chatbot. This post is about something harder: building agents that actually work in production. I architect enterprise agents at a hospitality company — handling customer email triage, HR workflows, helpdesk automation, and reporting pipelines across multiple systems. One of those agents reduced human handling time per customer email from ~12 minutes to under 2 minutes (88% reduction) by orchestrating sentiment analysis, CRM lookups, SOP research via child agents, and response drafting — all before a human agent ever opens the email. Here is what I've learned building at that scale. The Four Layers Every Enterprise Agent Needs Most teams design only the top layer and treat everything else as "we'll figure it out later." By the time the other layers become urgent — usually after an incident — they're too expensive to retrofit. Layer Component Conversation Topics · Entities · Adaptive Cards · NLU Orchestration Agent routing · Context passing · State Integration Connectors · Power Automate · Azure Functions Governance DLP · Auth · ALM · Monitoring · Logging Build the governance layer first. Design the conversation layer last. The demo will be slightly less impressive. The production deployment will be significantly more stable. The Three Mistakes I See Most Often 1. Slot-filling designed for the happy path The default Copilot Studio pattern collects parameters one by one. It breaks the moment your flow has conditional branches — which every real enterprise workflow does. Use intent-first routing instead: identify what the user wants before collecting any parameters, then branch to a sub-flow that collects only what that variant needs. 2. Multi-agent context that gets dropped When you delegate from a router agent to a capability agent, the receiving agent needs to know who the user is and what conversation state to preserve. Native session variables don't cross agent boundaries. Build an explicit context envelope — a JSON object passed at delegation time — that carries user identity, security scope, origin topic, and return context. Your agents become stateless with respect to each other. Context travels with the conversation. 3. No async pattern for slow integrations A synchronous request that works for a REST API returning in 200ms will silently fail for a legacy system query that takes 45 seconds. Design async from day one: submit to an Azure Service Bus queue, return a correlation ID, acknowledge the user, and use proactive messaging to deliver the result when it's ready. This is the single biggest gap between demos and production deployments. A Note on Authentication — Chatbots vs. Autonomous Agents This is a distinction most articles get wrong, so it's worth being explicit. Chatbots have a human on the other end of the conversation. Authentication options here include Entra ID SSO (works in Teams and SharePoint channels where the user's identity is delegated to the agent) or client ID + secret (validates against AD but without user delegation — the agent authenticates as itself, not as the user). Autonomous agents are different in a fundamental way: there is no human in the authentication loop. The agent authenticates using the identity of the account that owns and runs it. There is no SSO because there is no interactive user session. This distinction matters because the security model shifts entirely — you are no longer protecting a user session, you are protecting a service identity. This gets more interesting when your autonomous agent connects to non-Microsoft systems. There is no universal pattern here — it depends entirely on what the external system supports: - API Key / Secret — the most common pattern for SaaS integrations. The external system issues a scoped key specifically for this integration. Store it in Azure Key Vault or encrypted Power Platform environment variables, never hardcoded in a flow. The scoping question is critical: is this a full-admin key or a least-privilege key issued only for what this agent needs? - OAuth 2.0 Client Credentials (machine-to-machine) — the agent authenticates as itself using client ID + secret against the external system's auth server and receives a bearer token. No user involved, fully automated. - Basic Auth on legacy systems — still common in enterprise environments. Credentials must live in Key Vault, not in flow variables or connector configuration in plain text. - Custom connector with encrypted connection — Power Platform manages the auth at the connector level; credentials are stored encrypted and scoped to the environment. The governing principle across all of these: the identity the agent uses to call an external system should be issued specifically for that integration, scoped to only the permissions that agent needs, stored securely (Key Vault or encrypted environment variables), and auditable — meaning the external system's logs show the agent's calls as a distinct identity, not a shared admin account that 12 other things also use. Before You Go to Production — Quick Checklist [ ] Autonomous agent's owning account/service principal is scoped to least-privilege — access only to systems the agent needs, nothing broader [ ] Non-Microsoft system credentials stored in Azure Key Vault or encrypted environment variables — never hardcoded in flows [ ] Each external system integration uses a dedicated, scoped credential — not a shared admin account [ ] External system audit logs show the agent as a distinct, identifiable caller [ ] DLP policies configured per environment — production is strict, dev is permissive [ ] Dataverse schema finalized before topic design begins [ ] Error handling designed for every integration point with user-readable failure messages [ ] Async pattern in place for any integration that may take > 10 seconds [ ] ALM pipeline configured: Dev → Test → UAT → Prod with automated solution checker [ ] Application Insights connected with custom events for key agent actions [ ] Escalation rate baseline established with alert threshold configured The One Question to Ask Before Building Anything "What does success look like in six months, and what data does the agent need access to in order to achieve it?" That answer determines your Dataverse schema, your integration architecture, your authentication model, and your DLP policy — before a single topic is created. Agents designed from that question forward are maintainable and trusted by the business. Agents designed from the conversation layer down spend their first year in retrofitting mode. Happy to go deeper on any of these layers in the comments — particularly multi-agent context passing and the async pattern, which I find generate the most questions in enterprise deployments.168Views0likes0CommentsHigh Expert Summit 2026 - United by Community, Cloud, and AI
Community-driven events continue to be one of the strongest pillars of the Microsoft ecosystem—and the High Expert Summit, organized by MVPs and the High Expert community, is a powerful example of that impact in action. Hotmart’s headquarters in Belo Horizonte offered a wonderful venue for the conference due to its modern auditorium and event infrastructure. The summit delivered two intense days of immersion, combining technical depth, strategic discussions, and meaningful connections. With more than 150 in-person participants, attendees were highly engaged and focused on advanced Azure and AI topics—making it one of the most impactful community Azure events in Brazil. Belo Horizonte: Strategic Location, Real Impact From both participant and speaker perspectives, the choice of Belo Horizonte played a defining role in the event’s success. Although São Paulo often concentrates major technology events, Belo Horizonte—home to approximately 2.5 million people—has a strong industrial, technological, and innovation footprint. The region hosts major organizations such as ArcelorMittal, a global leader in steel and mining, and Localiza, one of Latin America’s largest mobility companies, founded in Belo Horizonte and operating across multiple countries, amongst many others. Belo Horizonte also counts with a solid startup network structure (SanPedro Valley - 1st startup community created in Brazil, BH-TEC technology park or the Seed -Startups and Entrepreneurship Ecosystem Development, governmental startup acceleration program) that pushes local entrepreneurs to create new technology-based goods and services. Professionals from these companies were actively present throughout the event, reinforcing how regional hubs outside the traditional tech “center” are deeply invested in cloud and AI transformation. For many attendees, this was the first event in months—or even years—of this scale and quality in the region. The summit clearly addressed a local demand, delivering an experience that had a visible and lasting regional impact. A Community-Led Event, Built by MVPs and New Voices From the very first moments—reception, venue, logistics, and overall organization—the conference demonstrated exceptional care and professionalism. The High Expert team, led by Guilherme Maia, delivered an experience widely praised by attendees for its structure, attention to detail, and high standards. A defining aspect of the event was the strong MVP presence, combined with intentional space for new and first‑time speakers. Most sessions were delivered by Microsoft MVPs, alongside Microsoft professionals and specialists working directly in the market—creating a balance between recognized expertise and fresh perspectives. One particularly meaningful moment was the first public presentation by Matheus Faria Nogueira, who shared a real-world use case focused on security posture management in a web application architecture on Azure. His session demonstrated how security can be embedded into architecture decisions from the start—highlighting both technical rigor and the importance of encouraging new community voices. Deep Technical Content with a Strong Security Focus Over two days, participants explored strategic and technical content covering Azure architecture, DevOps, Artificial Intelligence, innovation, career development, market trends, and the real challenges organizations face today. Security emerged as a key theme throughout the agenda. Among the highlights was the participation of Paulo Silva as a new speaker, presenting practical scenarios combining Microsoft Defender for Cloud and Microsoft Sentinel. His session showcased how organizations can achieve better visibility, detection, and response across hybrid and cloud environments using Microsoft’s security stack. Across sessions, a consistent message resonated with attendees: the value of hands‑on, experience‑driven content. Speakers went beyond slides, focusing on implementation details, lessons learned, and actionable guidance—an approach many participants highlighted as one of the event’s strongest differentiators. Networking, Connections, and Industry Impact Beyond technical sessions, the summit created space for high‑quality networking and collaboration. Conversations between architects, developers, MVPs, Microsoft professionals, and industry leaders fostered valuable exchanges among those actively shaping the future of Cloud and AI. These interactions led to concrete follow‑ups after the event, including discussions around applying Azure AI and object recognition technologies in industrial environments—demonstrating how community events often become catalysts for real innovation. Gratitude to the Community Behind the Event The success of the High Expert Summit was the result of collective effort. Special recognition goes to the event team, who worked behind the scenes to deliver what many described as one of their most challenging—and rewarding—projects to date. The event was elevated by outstanding speakers, including Johnson de Souza Cruz, Claudenir Andrade, Francisco Ferreira, Henrique Eduardo Souza, Elton Bordim, Osanam Giordane da Costa Junior, Gilson Banin, Rodrigo Fonseca, Daniel Ribeiro, Ieso Dias, Roberta Santos, Professor Rodrigo Moreira, and others—each contributing deep expertise, practical insight, and pride in representing the Microsoft MVP community. Support from the sponsors BHS, Advanced Informatica Ltda., and DCIT Tecnologia also played a key role in making the experience possible. Above all, sincere thanks go to every participant who invested their time, energy, and curiosity, turning the summit into a truly memorable community moment. Looking Ahead The event may have concluded, but the movement continues. The conversations, connections, and learning sparked in Belo Horizonte are already shaping what comes next. With overwhelmingly positive feedback and strong regional engagement, expectations are set high for future editions, including the next High Expert Summit anticipated in 2027. Once again, the Microsoft MVP community demonstrated its power to learn, connect, and build the future—together. Want to Learn More About the MVP Program? To find an MVP and learn more about the MVP Program visit the MVP Communities website and follow our updates on LinkedIn or #mvpbuzz. Join us for a future live session through the Microsoft Reactor where we walk through what the MVP program is about, what we look for, and how nominations work. These sessions are designed to help you connect the dots between the work you’re already doing and the impact the MVP Program recognizes — with time for questions, examples, and real conversations.GenAI for Scam & Fraud Detection
Chief Technology Officer and Microsoft Regional Director, Dr David Goad, recently highlighted the transformative potential of generative AI in combating financial scams, in a recent live stream on the Microsoft Reactor YouTube channel. With a wealth of experience in artificial intelligence and machine learning, David shared his expertise and insights, providing practical examples on the applications of generative AI and Azure AI Foundry for scam and fraud detection in the banking sector. The rise of digital banking and fraud David Goad began by setting the scene, discussing the significant shift towards digital banking over the past decade. This transition has brought numerous benefits, including convenience and access to information, but it has also led to a surge in financial scams and fraud. The banking industry, particularly in Australia, has seen billions of dollars lost annually due to these fraudulent activities. Key industry trends David highlighted several key trends and challenges in managing fraud and scams within the banking sector. He pointed out that phishing remains one of the most prevalent methods used by fraudsters, with targeted spear phishing and whale phishing aimed at senior individuals. This demographic is often targeted, leading to significant financial losses and stress. Additionally, phone calls, text messages, and emails are common delivery methods for scams. Opportunities for improvement with generative AI David Goad emphasized the opportunities for improvement in the scam detection process through the use of generative AI. He explained that generative AI can enhance various aspects of fraud detection, including identifying fraudulent emails and texts, summarizing customer complaints, categorizing complaints for efficient routing, and evaluating customer sentiment. By leveraging generative AI, banks can improve the accuracy and efficiency of their fraud detection processes, ultimately reducing customer frustration and enhancing service levels. Demonstrating generative AI for phishing detection To illustrate the practical application of generative AI, David demonstrated Azure AI Foundry and Azure OpenAI Studio. He showcased how generative AI can be trained to identify phishing emails by fine-tuning a model with a dataset of classified emails. The model that David presented, was able to classify emails as phishing or non-phishing and provide explanations for its decisions, demonstrating the potential for generative AI to streamline the fraud detection process. Learn more David Goad's presentation emphasized the transformative potential of generative AI in the banking sector and the opportunities that adopting generative AI can bring to help customer experiences. For those interested in learning more about this topic, David has written a LinkedIn article that delves deeper into the use of generative AI in fraud detection. To watch the full recording of David Goad's insightful presentation and technical demonstrations, visit the Microsoft Reactor YouTube channel.863Views0likes0CommentsIt's That Time – Get Set For Your Friday Five
First published on MSDN on Feb 02, 2018 Persistent Storage And Volumes Using Kubernetes On Azure With AKS Or Azure Container Service Pascal Naber helps companies embrace Microsoft Azure and build large scale distributed systems with modern architectures based on microservices467Views0likes0Comments