events
823 Topics

Marketplace trainings and events calendar (updated 04/23/26)
Welcome to our calendar for accessing upcoming Marketplace trainings and events, along with links to recent resources. This page is a go-to resource for discovering training sessions and events designed specifically for software development companies related to Microsoft Marketplace. Whether you’re building innovative solutions or publishing to the commercial marketplace, you’ll find content to help you stay ahead in today’s fast-moving tech landscape.

We’ve organized dedicated areas for partners and customers, making it easy to find sessions most relevant to your needs. Some events are upcoming, while others are past recordings that remain valuable for learning and growth. This page is updated frequently with new opportunities. Be sure to subscribe for notifications; instructions are provided at the bottom of this post. Explore the upcoming AI events below, revisit past sessions, and feel free to comment with any questions.

Sessions updated as of 04/23/2026

Partner and Channel Partner sessions

Upcoming sessions

| Date | Time | Area | Title | Description | Link |
| --- | --- | --- | --- | --- | --- |
| 4/28/26 | 8:30 AM PDT | Partner Session | Maximize selling with Microsoft and Marketplace ROI | Join us as WorkSpan shares real workflows used by partners who have closed over $5B in co-sell revenue with Microsoft. Learn best practices for navigating selling end-to-end with Microsoft. | Maximize selling with Microsoft and Marketplace ROI - Microsoft Marketplace Community |
| 05/07/26 | 8:30 AM PDT | Partner Session | Turning co-sell readiness into real Microsoft Marketplace revenue | Join Clazar as they share insights on how to be co-sell ready and how to translate it into a meaningful pipeline and an active, revenue generating partnership with Microsoft sellers. | Turning co-sell readiness into real Microsoft Marketplace revenue - Microsoft Marketplace Community |
| 05/20/26 | 8:30 AM PDT | Office Hours | Marketplace Office Hours for Partners | Tune in for updates, insights, and live Q&A to help you sell through Microsoft Marketplace. Topic TBD. | May 2026 Office Hours |
| 06/17/26 | 8:30 AM PDT | Office Hours | Marketplace Office Hours for Partners | Tune in for updates, insights, and live Q&A to help you sell through Microsoft Marketplace. Topic TBD. | June 2026 Office Hours |

Recent Recorded Sessions

| Date | Area | Title | Description | Link |
| --- | --- | --- | --- | --- |
| 04/15/26 | Office Hours | Seamless private offers: From creation to purchase and activation | Join this Partner Center walkthrough of private offer execution from creation to customer purchase to partner activation | View the recording |
| 04/02/26 | Partner Session | Why Azure belongs in your multi-cloud strategy | Tune in to hear WeTransact share when and why Azure should be part of your strategy. Find out how to replicate solutions for Azure. Hear why Marketplace-aligned companies are able to move quickly using Microsoft tools, funding, and incentives. | View the recording |
| 03/24/26 | Partner Session | Best practices for scaling Marketplace channel-led sales | Join guest speaker team from Tackle as they walk through opportunities to scale partner driven revenue. Hear how to activate channel opportunities using multiparty private offers and learn when to leverage resale-enabled offers to expand partner reach. | View the recording |
| 03/18/26 | Office Hours (Partner) | Build, publish, and optimize Marketplace offers with App Advisor | Learn what App Advisor is, how it works, and how it can help partners accelerate Marketplace offer creation. Live demo walk through; validating value to publishing and optimizing your listing. | View the recording |
| 03/11/26 | Partner Session | AI-powered automation for Marketplace private offers and IP co-sell | Learn from guest speaker Jon Yoo, Suger, how software development companies can use AI-powered automation to simplify buying through Microsoft Marketplace, streamline private offers, and optimize co-selling opportunities. | View the recording |
| 02/25/26 | Partner Session | Inside Azure IP co-sell: What high-performing software developers do differently | Get an inside look at the signals Microsoft uses to evaluate Marketplace and Azure IP co-sell readiness with insights from Barbara Treviño of Labra. Learn what top software companies do differently to accelerate approvals and boost GTM impact. | View the recording |
| 02/18/26 | Office Hours (Partner) | How to build a Microsoft Marketplace channel practice | Building a successful Marketplace practice takes the right people, process, and strategy working together. Learn how top performing partners organize their teams across alliances, operations and leadership | View the recording |
| 1/21/26 | Office Hours (Partner) | Microsoft Partner Center reporting | Get to know the Partner Center Insights and Earnings workspaces. Walk through Earnings, Customer, Order, Usage and Revenue reports. | View the recording |
| 12/18/25 | Office Hours (Partner) | Introducing resale enabled offers | Explore resale enabled offers through Microsoft Marketplace. | View recording |
| 12/04/25 | Partner Session | AI-powered acceleration: scale faster on Microsoft Marketplace | Go beyond listing basics and explore how Microsoft Marketplace can act as a strategic revenue engine. | View recording |
| 11/04/25 | Partner Session | How to structure your Microsoft Partner Center account for long-term success | Learn best practices for setting up your Partner Center account for operational and marketplace success. | View recording |
| 08/28/25 | Office Hours (Partner) | Certified software designations: FY26 benefits updates | Overview of certified software designations and FY26 benefit updates. | View recording |

Customer sessions

Upcoming sessions

| Date | Time | Area | Title | Description | Link |
| --- | --- | --- | --- | --- | --- |
| 04/29/26 | 8:30 AM PDT | Office Hours (Customer) | Using Microsoft Marketplace to optimize Azure spend | For organizations with an Azure cloud commitment Microsoft Marketplace can be a powerful tool for optimizing how the spend is used. Explore how your organization can leverage its Azure commitment to support software investments through Microsoft Marketplace. | Using Microsoft Marketplace to optimize Azure spend - Microsoft Marketplace Community |
| 05/27/26 | 8:30 AM PDT | Office Hours (Customer) | Marketplace Office Hours for Customers | Tune in for updates, insights, and live Q&A to help use Microsoft Marketplace. Topic TBD. | May 2026 Customer Office Hour |
| 06/24/26 | 9:30 AM PDT | Office Hours (Customer) | Marketplace Office Hours for Customers | Tune in for updates, insights, and live Q&A to help use Microsoft Marketplace. Topic TBD. | June 2026 Customer Office Hour |

Recorded sessions

| Date | Area | Title | Description | Link |
| --- | --- | --- | --- | --- |
| 03/25/26 | Office Hours (Customer) | Charting your AI strategy for manufacturing with Marketplace | Build, buy, or blend? Gain the insights you need as a manufacturer to scale AI apps and agents across the factory floor using Microsoft Marketplace. Hear about practical manufacturing scenarios | View the recording |
| 02/25/26 | Office Hours (Customer) | Accelerate AI adoption through Microsoft Marketplace | Explore practical AI use cases available through Microsoft Marketplace - from prebuilt AI apps and agents to AI-powered solutions that simplify deployment. | View the recording |
| 01/28/26 | Office Hours (Customer) | Optimize cloud cost and performance | Learn proven strategies to accelerate time-to-value for cloud and AI investments using Microsoft Marketplace. | View the recording |
| 12/11/25 | Office Hours (Customer) | Chart your AI app and agent strategy | Insights into build, buy, or blend approaches for AI apps and agents using Microsoft Marketplace. | View recording |
| 07/30/25 | Office Hours (Customer) | FinOps and the Microsoft Marketplace | Learn how Microsoft Marketplace supports FinOps practitioners and accelerates AI transformation. | View recording |

Subscribe to this post

• If you're not already a Tech Community member, create an account at techcommunity.microsoft.com.
• Select Subscribe from the three‑dot menu in the upper‑right corner of this post.
• Under Notification Settings, choose to be notified of edits and comments, and select whether you'd like updates immediately, daily, or weekly (weekly recommended).

You can also subscribe to the entire Marketplace Community via the Marketplace Community homepage.

785 Views, 5 likes, 2 Comments

Microsoft Marketplace at Channel Partners Conference
Microsoft Marketplace was a first-time sponsor of the 2026 Channel Partners Conference & Expo—the world’s largest channel event—held in Las Vegas, April 13-16. With 59% of cloud marketplace revenue expected to flow through channel, this event provided a clear opportunity to reinforce Marketplace as a core platform for channel‑led growth. The channel is central for customer Frontier transformation, and Marketplace helps power the commercial foundation, connecting partners, software companies, and customers through flexible, channel-led sales models that scale.

Our team really enjoyed the conversations we had after our sessions, on the expo floor, and in private meetings! Did you attend Channel Partners Conference this year? We'd love to hear your takeaways! And if you missed the event, check out this article on the keynote delivered by Microsoft's Kevin LeBlanc, GM of Partner and Marketplace Marketing. Resources for software companies and channel partners are always available on our partner site.

Turning co-sell readiness into real Microsoft Marketplace revenue
Achieving co-sell readiness in Microsoft Marketplace is only the beginning. Many software development companies reach this milestone but struggle to translate it into meaningful pipeline and consistent seller engagement.

Join Microsoft partner and special guest Clazar as they break down what separates companies that are simply “co-sell ready” from those that successfully build active, revenue-generating partnerships with Microsoft sellers. Drawing on real-world insights from hundreds of marketplace partners, we’ll explore the operational habits, processes, and strategies that drive faster deal velocity, larger deal sizes, and stronger collaboration with the Microsoft field.

You'll learn:
• How to create seller-focused collateral that drives Microsoft field engagement
• Best practices for working effectively with your Partner Development Manager (PDM)
• How to improve referral response times to increase co-sell opportunities

You'll walk away with:
• A practical checklist to improve Microsoft seller engagement immediately
• Proven strategies to generate more co-sell opportunities
• A clearer understanding of how to operationalize your marketplace motion for consistent growth

How do I participate?

Select Add to calendar to save the date, then click the Attend button to save your spot, receive event reminders, and participate in the Q&A.* If you can’t make the live event, don’t worry. You can post questions in advance and catch up on the answers and insights later in the week.

This session will be recorded and available on demand immediately after airing. It will feature AI-generated captions during the live broadcast. Human-generated captions and a recap of the Q&A will be available by the end of the week.

* Don’t see the Attend button? Sign in to your Marketplace Tech Community account or register for the Tech Community and join the conversation!

Securing and governing AI agents before deployment
As AI agents become more embedded in business workflows, ensuring they are secure, governed, and compliant before deployment is critical. Join and learn how to provision, secure, and manage AI agents at scale using modern identity and governance practices.

This session will explore how to establish strong guardrails across the entire AI agent lifecycle—helping prevent risks such as unauthorized access, Shadow AI, and agent sprawl. You’ll gain practical insight into how organizations are using Entra Agent ID to provision AI agents, manage credentials and service principals for agentic workflows, and enforce least-privilege access policies. The session will also highlight approaches to detecting unmanaged AI usage and implementing governance strategies that ensure every AI agent is accounted for before going live.

During this session, you will:
• Understand how to provision AI agents securely using Entra Agent ID
• Learn best practices for managing identities, credentials, and service principals for agent workflows
• Explore how to enforce least-privilege access across AI-driven systems
• Discover strategies to detect Shadow AI and prevent uncontrolled agent sprawl
• Learn how to govern AI agents throughout their lifecycle before deployment

To view the session live, register here: Securing and Governing AI Agents Before They Go Live

You can view previous Security for SDC series sessions on demand here: Security for SDC Series: Securing the Agentic Era

Introducing the New Microsoft Security Community Home!
We are excited to introduce the new home of the Microsoft Security Community! At aka.ms/securitycommunity, you can explore upcoming events, access technical content, and find new ways to connect with Microsoft experts and peers across the security ecosystem.

Effective, engaging events in communities and storylines
Whether you’re running a company-wide broadcast, a training session, a Reddit-style “ask me anything” (AMA) or an in-person gathering, Viva Engage and Microsoft Teams help you host and manage more effective and engaging events.

Events have always been central to employee communications. Viva Engage and events play a critical role in building trust, encouraging authenticity, and listening at scale. From highly produced hybrid all-hands to asynchronous AMAs, the new Viva Engage features are helping our leaders connect with employees, address what matters most, and build trust—all in one platform.
- John Cirone, Senior Director of Global Employee and Executive Communications

We are upgrading existing community live events and storyline AMA features with a simple model: three event types—broadcast, meeting, async—from any community or storyline, super-powered with a long list of event features you have asked for. The result: improved experiences for organizers, presenters and attendees both before, during and after the event. This blog post will detail what this means for you!

These new events features start rolling out April 27th. And guess what? All of these new features will be available to all Microsoft 365 commercial customers with access to Engage and Teams—no “premium” license will be required for events up to 10,000 attendees.

New features: the highlights

The new capabilities of Engage events—particularly the moderated feed with support for anonymous questions and upvotes—has transformed the way we empower our leaders to listen and respond to questions from employees.
- Alexander Bradley, Senior Director of Executive Communications

With that in mind, let’s start by exploring the new features for every event in every community and storyline:

• Events listing: Each community and storyline has a calendar of upcoming and past events—a destination for people to register for future events and catch up with events they missed.
• Event page: The home for your event is a branded landing page with a custom cover photo (coming soon), the event details and description. This is the “micro site” for your event to which you drive attendees. They can learn about the event, engage with it, join the live session, and catch up with the event if they missed it.
• Event feed: A new event feed enables you to share updates, solicit questions, ideas and feedback, and support engagement between attendees and presenters. The new event feed introduces support for optional anonymous posting and moderation which allows organizers to approve posts before they are made visible to attendees. The feed allows you to tune the event experience for the engagement you want to encourage and support; you can enable or disable questions, comments, reactions, and upvoting; and you can change the settings at any time. The event feed is available before, during and after the event, showing up on the event landing page in Engage and in the “Q&A” panel of Teams.
• Event recording: After the event, the recording is available on the event page, so attendees can review both the recording and the feed. You can now update the recording link, allowing you to make edits to the video.
• Calendaring options: Events in Engage support two models to support your efforts to drive demand and attendance. First, you can invite attendees directly from Outlook, putting an invitation directly in their calendar. This model supports scenarios where their attendance is expected. Or, you can drive attendees to the event page where they can add to calendar, supporting an “opt-in” model that gives attendees control of what is on their calendar. Or you can mix and match, inviting those attendees who really need to have it on their calendar and letting others opt in.
• Event analytics: You’ll have access to analytics throughout the lifecycle of your event. You’ll be able to see how many people attended, how they engaged in the event feed, and how people consumed the recording after the event. For broadcasts, you can also access Teams insights.
• Mobile app choice: Attendees can join events from either the Teams or Engage mobile apps, across both iOS and Android.
• Integration with enterprise search and Copilot: Content from public events serves as grounding for Microsoft 365 Copilot and enterprise search, amplifying the reach and impact of the knowledge and information you share in your event.

Event types

Now, let’s explore the three event types and what is different.

BROADCAST is best for company-wide or large-scale events, launches, keynotes and organizational “town hall” or “all hands” events.

Key characteristics:
• Deliver a high‑quality live stream that scales to large audiences
• Organizers control what appears on screen
• Attendees watch the event and participate using Q&A and reactions

This experience is an upgrade to the legacy “live event” broadcast, with an advanced feed and a rich suite of production features.

MEETING is best for collaborative sessions, presentations, training workshops, expert panels, and all of the regular “rhythm of business” events your team or department conducts.

Key characteristics:
• Share camera, microphone, and screen in real time
• Organizers can control who can present and share
• Up to 1,000 people can participate in the live event

A collaborative event can feel exactly like a Teams meeting, where anyone can share. Or it can be like a presentation or webinar, where only presenters can share. Or anything in between.

ASYNC is best for soliciting questions, collecting feedback, and crowdsourcing ideas from employees.
• Conduct an offline, asynchronous event with no live presentation or video stream
• Host an "ask-me-anything" (AMA) during which leaders or experts answer questions
• Enhance an in-person event by engaging your audience before and after

This experience features an event page and event feed, but no real-time video experience powered by Teams. You can gather questions, ideas and feedback before an in-person event, or host a text-only (asynchronous) event like a Reddit-style AMA that can connect people with experts even over longer periods of time.

Why host events in a community instead of creating them from your calendar?

Until now, you’ve had one way to create events: From your Teams or Outlook calendar, you can create a Teams meeting, a Teams webinar, or a Teams Town Hall. Why would you want to change where you create and host events?

An event isn’t just a calendar entry; its impact continues outside of the event confines. New event features help employees who missed the live event catch up quickly, help moderators engage attendees, and help leaders close the loop by responding to remaining questions. The result is a richer, more durable record of the event, so your organization benefits from the information and knowledge long after the event ends.

Here’s the short list of what you can do better when you create your event from a community:
• Provide a calendar of upcoming and past events.
• Communicate effectively to drive awareness and attendance.
• Engage your audience before, during and after the event.
• Leverage event analytics to measure and improve effectiveness.
• Amplify information and knowledge shared at the event, after the event.
• Integration with community objectives and experiences.

If you have experience with Microsoft 365 and events, think of it this way: By creating an event in a community, you’re taking a Teams event and wrapping it with the superpowers of Engage to reach and engage your audience at scale, before, during and after your event.
And remember communities are not just for Engage anymore! Communities (powered by Engage) will be available in Teams Chat, alongside your chats, channels, and meetings; so, your events and their content will be seamlessly integrated into the flow of work in Teams.

Preview customers have used these new event capabilities at scale, for company-wide “all hands” events, departmental rhythm-of-business meetings, and an extraordinary number of internal AI learning events. We look forward to celebrating your successful events as you apply these features to share news and information, train people, and engage employees.

Resources
• Organize an Engage event - Microsoft Support
• Attend an Engage event - Microsoft Support
• Monday Masterclass Season 2 – Week 4 Designing Events Employees Remember | Microsoft Community Hub

273 Views, 2 likes, 0 Comments

Copilot Studio Auditing
Hey team,

While I'm doing research around Copilot Studio auditing and logging, I noticed a few discrepancies. This is an article that describes auditing in Microsoft Copilot.

https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-logging-copilot-studio?utm_source=chatgpt.com

I did a few simulations on Copilot Studio in my test tenant, and I don't see a few of the operations generated that are mentioned in the article.

For example: for updating authentication details, it generated a "BotUpdateOperation-BotIconUpdate" event. Ideally it should have generated "BotUpdateOperation-BotAuthUpdate".

I expected different operations for Instructions, tools and knowledge updates; I believe all these are currently covered under "BotComponentUpdate".

Any security experts' suggestions/thoughts on this?

113 Views, 1 like, 1 Comment

Join Marketplace at Microsoft Build!
The Marketplace team will be at Microsoft Build, June 2-3 in San Francisco, CA! We hope you'll join us in the Hub to meet with experts on how to build, publish, and monetize apps and agents with Microsoft Marketplace.

"Favorite" the Marketplace lightning talk which covers the start-to-finish publishing process and highlights benefits and incentives available from Microsoft for software developers: Monetize apps and agents with Microsoft Marketplace

Check out the full catalog to explore sessions across the topics: Cloud Platform & Data, Developer Tools & Frameworks, Apps & Agents, Model Training, Windows, and Responsible AI.

Can't make it to San Francisco? You can always register for the digital experience. See you there!

Microsoft Marketplace Partner Digest | April 2026
April kickstarts a fast-paced quarter of accelerated opportunity as partners line up new co‑sell motions and expand channel‑led sales—including resale‑enabled offers—to reach more customers across global markets, all while rapidly building and publishing transactable AI apps and agents to Microsoft Marketplace to meet growing customer demand.

✨ Microsoft Cloud AI Partner Program

This month brings several important updates to Specializations and Solutions Partner designations, including revised performance criteria for the Small and Midsize Business Management specialization and new skilling options across Modern Work, Teams, and Digital & App Innovation. Microsoft is also evolving specializations to better reflect the shift toward AI—introducing the Secure AI Productivity specialization, retiring the Adoption and Change Management specialization, and preparing to merge several existing specializations into streamlined, solution‑aligned offerings.

Learn more

🆕 What’s new in Partner Center

MFA enforcement for Partner Center APIs

Partner Center is now enforcing multifactor authentication (MFA) for all app + user API calls, with full enforcement as of April 1, 2026. Any requests made without a valid MFA token will be blocked with a 401 response and error code 900421. All APIs already support MFA, so update your systems now to avoid disruptions, strengthen security, and align with Partner Center requirements.

Learn more

📈 Go-to-market with Microsoft Marketplace

Microsoft has released a new collection of Azure go‑to‑market assets built specifically for SMB audiences, giving partners step‑by‑step guidance, tailored messaging, and ready‑to‑use materials to drive demand in a rapidly expanding market projected to surpass $1 trillion by 2030. This content library equips distributors, resellers, and service providers with everything needed to engage SMB customers at scale—from solution plays and sales resources to campaign‑ready materials—helping partners build pipeline, deepen customer conversations, and grow recurring cloud revenue. Partners can explore the full Azure SMB content collection to activate these assets in upcoming campaigns and accelerate their cloud practice growth.

Explore resources to engage Azure SMB customers

Reduced Microsoft Dragon Copilot pricing

Partners can now access a full library of Dragon Copilot training and go‑to‑market resources, including sales pitch decks, messaging and positioning guides, demo materials, FAQs, data sheets, infographics, and more—each with detailed descriptions to help teams understand how and when to use them. These materials are designed to help Dragon Copilot partners confidently market, sell, and support the solution with consistent, enterprise‑ready content.

Access Dragon Copilot partner assets

Plus, new Microsoft Dragon Copilot partner resources

Additionally, Microsoft has announced a reduced list price for the Dragon Copilot per‑user license, effective May 1, 2026, across all current geographies. This update simplifies pricing, expands competitiveness, and retires the separate Physician Practice offer, consolidating all capabilities into the standard license. A new per‑encounter consumption model for ambient and generative AI capabilities will also launch on May 1, making usage easier to understand and manage. Together, these changes create a more streamlined, cost‑effective path for partners to drive Dragon Copilot adoption and growth.
Read the announcement

Marketplace offer optimization recommendations in App Advisor

Microsoft has introduced a new AI‑powered Marketplace listing optimization capability in App Advisor, giving partners instant, personalized recommendations to improve the clarity, quality, and discoverability of their public Marketplace listings. The tool evaluates listings across six key categories—from value proposition to grammar—and provides targeted guidance aligned with Marketplace best practices, helping partners iterate faster without manual review cycles. Available free and on demand in the US, this capability enables continuous optimization so partners can strengthen engagement, improve search visibility, and stand out in an increasingly competitive catalog.

Get recommendations for your Marketplace offer

💡 Stay up to date with regular Partner Center announcements

📅 Marketplace events

The Marketplace trainings and events calendar is updated with new trainings, live demos, and partner‑focused sessions designed to help software companies and channel partners accelerate co‑sell, private offers, and Marketplace‑first sales growth. Catch up on recent webinars and register for upcoming events that break down proven strategies, best practices, and highlight tools and resources to strengthen your Marketplace motions.

Recent events

Why Azure belongs in your multi-cloud strategy
April 2, 2026

This event helps Marketplace‑aligned software companies understand why incorporating Azure into their multi-cloud strategy can boost customer acquisition, deal velocity, and co‑sell success. Partners will hear how to replicate solutions for Azure, tap into Microsoft funding programs, leverage tools that speed time‑to‑market, and convert modernization efforts into sustained Marketplace growth.

🎥 Watch the recording

Upcoming events

Seamless private offers: From creation to purchase and activation
April 15, 2026 (8:30 AM PDT)

Next week’s session with Stephanie_Brice and Chr_Brown will provide partners an end‑to‑end look at how to execute seamless private offers—from creating them in Partner Center to extending them across channel‑led sales motions such as multiparty private offers, CSP private offers, all the way through customer purchase and activation. With a live demo, guidance on resale enabled offers and flexible billing schedules, and time for Q&A, attendees will see exactly how private offers work in practice to streamline deal execution and accelerate Marketplace business growth.

Register to attend

Maximize selling with Microsoft and Marketplace ROI
April 28, 2026 (8:30 AM PDT)

Partners will learn how to simplify their Microsoft co‑sell motions, unlock underutilized incentives, and automate manual Partner Center tasks using WorkSpan. Drawing on workflows that have powered more than $5B in co‑sell revenue, this session covers how to apply for Azure sponsorship, earn and activate Marketplace Rewards benefits, and use WorkSpan’s AI‑powered platform to drive earlier seller actions and stronger partnership execution. It’s a practical guide to capturing more value from the Microsoft ecosystem.

Register to attend

Revisit past sessions and see the full calendar of Marketplace community events for partners and customers.

Whether you’re expanding co‑sell motions, publishing new AI‑powered solutions, optimizing private‑offer execution, or tapping into updated programs like Dragon Copilot, the opportunities to reach more customers and accelerate growth continue to expand.
As always, we welcome your insights and feedback—let us know what topics you’d like to see covered in a future post so we can continue shaping this digest around what matters most to you.

208 Views, 0 likes, 0 Comments

Authorization and Governance for AI Agents: Runtime Authorization Beyond Identity at Scale
Designing Authorization‑Aware AI Agents at Scale

Enforcing Runtime RBAC + ABAC with Approval Injection (JIT)

Microsoft Entra Agent Identity enables organizations to govern and manage AI agent identities in Copilot Studio, improving visibility and identity-level control. However, as enterprises deploy multiple autonomous AI agents, identity and OAuth permissions alone cannot answer a more critical question:

“Should this action be executed now, by this agent, for this user, under the current business and regulatory context?”

This post introduces a reusable Authorization Fabric—combining a Policy Enforcement Point (PEP) and Policy Decision Point (PDP)—implemented as a Microsoft Entra‑protected endpoint using Azure Functions/App Service authentication. Every AI agent (Copilot Studio or AI Foundry/Semantic Kernel) calls this fabric before tool execution, receiving a deterministic runtime decision:

ALLOW / DENY / REQUIRE_APPROVAL / MASK

Who this is for

• Anyone building AI agents (Copilot Studio, AI Foundry/Semantic Kernel) that call tools, workflows, or APIs
• Organizations scaling to multiple agents and needing consistent runtime controls
• Teams operating in regulated or security‑sensitive environments, where decisions must be deterministic and auditable

Why a V2? Identity is necessary—runtime authorization is missing

Entra Agent Identity (preview) integrates Copilot Studio agents with Microsoft Entra so that newly created agents automatically get an Entra agent identity, manageable in the Entra admin center, and identity activity is logged in Entra. That solves who the agent is and improves identity governance visibility.

But multi-agent deployments introduce a new risk class:

Autonomous execution sprawl — many agents, operating with delegated privileges, invoking the same backends independently.
OAuth and API permissions answer “can the agent call this API?” They do not answer “should the agent execute this action under business policy, compliance constraints, data boundaries, and approval thresholds?”

This is where a runtime authorization decision plane becomes essential.

The pattern: Microsoft Entra‑Protected Authorization Fabric (PEP + PDP)

Instead of embedding RBAC logic independently inside every agent, use a shared fabric:

- PEP (Policy Enforcement Point): Gatekeeper invoked before any tool/action
- PDP (Policy Decision Point): Evaluates RBAC + ABAC + approval policies
- Decision output: ALLOW / DENY / REQUIRE_APPROVAL / MASK

This Authorization Fabric functions as a shared enterprise control plane, decoupling authorization logic from individual agents and enforcing policies consistently across all autonomous execution paths.

Architecture (POC reference architecture)

Use a single runtime decision plane that sits between agents and tools.

What’s important here

- Every agent (Copilot Studio or AI Foundry/SK) calls the Authorization Fabric API first
- The fabric is a protected endpoint (Microsoft Entra‑protected endpoint required)
- Tools (Graph/ERP/CRM/custom APIs) are invoked only after an ALLOW decision (or approval)

Trust boundaries enforced by this architecture

- Agents never call business tools directly without a prior authorization decision
- The Authorization Fabric validates caller identity via Microsoft Entra
- Authorization decisions are centralized, consistent, and auditable
- Approval workflows act as a runtime “break-glass” control for high-impact actions

This ensures identity, intent, and execution are independently enforced, rather than implicitly trusted.

Runtime flow (Decision → Approval → Execution)

Here is the runtime sequence as a simple flow.
```mermaid
flowchart TD
    START(["START"]) --> S1["[1] User Request"]
    S1 --> S2["[2] Agent Extracts Intent\n(action, resource, attributes)"]
    S2 --> S3["[3] Call /authorize\n(Entra protected)"]
    S3 --> S4
    subgraph S4["[4] PDP Evaluation"]
        ABAC["ABAC: Tenant · Region · Data Sensitivity"]
        RBAC["RBAC: Entitlement Check"]
        Threshold["Approval Threshold"]
        ABAC --> RBAC --> Threshold
    end
    S4 --> Decision{"[5] Decision?"}
    Decision -->|"ALLOW"| Exec["Execute Tool / API"]
    Decision -->|"MASK"| Masked["Execute with Masked Data"]
    Decision -->|"DENY"| Block["Block Request"]
    Decision -->|"REQUIRE_APPROVAL"| Approve{"[6] Approval Flow"}
    Approve -->|"Approved"| Exec
    Approve -->|"Rejected"| Block
    Exec --> Audit["[7] Audit & Telemetry"]
    Masked --> Audit
    Block --> Audit
    Audit --> ENDNODE(["END"])
    style START fill:#4A90D9,stroke:#333,color:#fff
    style ENDNODE fill:#4A90D9,stroke:#333,color:#fff
    style S1 fill:#5B5FC7,stroke:#333,color:#fff
    style S2 fill:#5B5FC7,stroke:#333,color:#fff
    style S3 fill:#E8A838,stroke:#333,color:#fff
    style S4 fill:#FFF3E0,stroke:#E8A838,stroke-width:2px
    style ABAC fill:#FCE4B2,stroke:#999
    style RBAC fill:#FCE4B2,stroke:#999
    style Threshold fill:#FCE4B2,stroke:#999
    style Decision fill:#fff,stroke:#333
    style Exec fill:#2ECC71,stroke:#333,color:#fff
    style Masked fill:#27AE60,stroke:#333,color:#fff
    style Block fill:#C0392B,stroke:#333,color:#fff
    style Approve fill:#F39C12,stroke:#333,color:#fff
    style Audit fill:#3498DB,stroke:#333,color:#fff
```

Design principle: No tool execution occurs until the Authorization Fabric returns ALLOW, or a REQUIRE_APPROVAL decision is satisfied via an approval workflow.

Where Power Automate fits (important for readers)

In most Copilot Studio implementations, the agent calls Power Automate (agent flows), which is the practical integration layer that calls enterprise services and APIs. Copilot Studio supports “agent flows” as a way to extend agent capabilities with low-code workflows.
For this pattern, Power Automate typically:

- acquires/uses the right identity context for the call (depending on your tenant setup),
- calls the /authorize endpoint of the Authorization Fabric, and
- returns the decision payload to the agent for branching.

Copilot Studio also supports calling REST endpoints directly using the HTTP Request node, including passing headers such as Authorization: Bearer <token>.

Protected endpoint only: Securing the Authorization Fabric with Microsoft Entra

For this V2 pattern, the Authorization Fabric must be deployed as a Microsoft Entra‑protected endpoint on Azure Functions/App Service (built‑in auth). Microsoft Learn provides the configuration guidance for enabling Microsoft Entra as the authentication provider for Azure App Service / Azure Functions.

Step 1 — Create the Authorization Fabric API (Azure Function)

Expose an authorization endpoint: HTTP

Step 2 — Enable Microsoft Entra‑protected endpoint on the Function App

In Azure Portal:

- Function App → Authentication
- Add identity provider → Microsoft
- Choose Workforce configuration (enterprise tenant)
- Set Require authentication for all requests

This ensures the Authorization Fabric is not callable without a valid Entra token.

Step 3 — Optional hardening (recommended)

Depending on enterprise posture, layer:

- IP restrictions / Private endpoints
- APIM in front of the Function for rate limiting, request normalization, centralized logging

(For a POC, keep it minimal—add hardening incrementally.)

Externalizing policy (so governance scales)

To make this pattern reusable across multiple agents, policies should not be hardcoded inside each agent. Instead, store policy definitions in a central policy store such as Cosmos DB (or equivalent configuration store), and have the PDP load/evaluate policies at runtime.
Why this matters:

- Policy changes apply across all agents instantly (no agent republish)
- Central governance + versioning + rollback becomes possible
- Audit and reporting become consistent across environments

(For the POC, a single JSON document per policy pack in Cosmos DB is sufficient. For production, add versioning and staged rollout.)

- Store one PolicyPack JSON document per environment (dev/test/prod).
- Include version, effectiveFrom, priority for safe rollout/rollback.

Minimal decision contract (standard request / response)

To keep the fabric reusable across agents, standardize the request payload.

Request payload (example)

Decision response (deterministic)

Example scenario (1 minute to understand)

Scenario: A user asks a Finance agent to create a Purchase Order for 70,000. Even if the user has API permission and the agent can technically call the ERP API, runtime policy should:

- return REQUIRE_APPROVAL (threshold exceeded)
- trigger an approval workflow
- execute only after approval is granted

This is the difference between API access and authorized business execution.

Sample Policy Model (RBAC + ABAC + Approval)

This POC policy model intentionally stays simple while demonstrating both coarse and fine-grained governance.
1) Coarse‑grained RBAC (roles → actions)

- FinanceAnalyst
  - CreatePO up to 50,000
  - ViewVendor
- FinanceManager
  - CreatePO up to 100,000 and/or approve higher spend

2) Fine‑grained ABAC (conditions at runtime)

ABAC evaluates context such as region, classification, tenant boundary, and risk:

3) Approval injection (Agent‑level JIT execution)

For higher-risk/high-impact actions, the fabric returns REQUIRE_APPROVAL rather than hard deny (when appropriate):

How policies should be evaluated (deterministic order)

To ensure predictable and auditable behavior, evaluate in a deterministic order:

1. Tenant isolation & residency (ABAC hard deny first)
2. Classification rules (deny or mask)
3. RBAC entitlement validation
4. Threshold/risk evaluation
5. Approval injection (JIT step-up)

This prevents approval workflows from bypassing foundational security boundaries such as tenant isolation or data sovereignty.

Copilot Studio integration (enforcing runtime authorization)

Copilot Studio can call external REST APIs using the HTTP Request node, including passing headers such as Authorization: Bearer <token> and binding response schema for branching logic. Copilot Studio also supports using flows with agents (“agent flows”) to extend capabilities and orchestrate actions.

Option A (Recommended): Copilot Studio → Agent Flow (Power Automate) → Authorization Fabric

Why: Flows are a practical place to handle token acquisition patterns, approval orchestration, and standardized logging.

Topic flow:

1. Extract user intent + parameters
2. Call an agent flow that:
   - calls /authorize
   - returns decision payload
3. Branch in the topic:
   - If ALLOW → proceed to tool call
   - If REQUIRE_APPROVAL → trigger approval flow; proceed only if approved
   - If DENY → stop and explain policy reason

Important: Tool execution must never be reachable through an alternate topic path that bypasses the authorization check.
Option B: Direct HTTP Request node to Authorization Fabric

Use the Send HTTP request node to call the authorization endpoint and branch using the response schema. This approach is clean, but token acquisition and secure secretless authentication are often simpler when handled via a managed integration layer (flow + connector).

AI Foundry / Semantic Kernel integration (tool invocation gate)

For Foundry/SK agents, the integration point is before tool execution. Semantic Kernel supports Azure AI agent patterns and tool integration, making it a natural place to enforce a pre-tool authorization check.

Pseudo-pattern:

1. Agent extracts intent + context
2. Calls Authorization Fabric
3. Enforces decision
4. Executes tool only when allowed (or after approval)

Telemetry & audit (what Security Architects will ask for)

Even the best policy engine is incomplete without audit trails. At minimum, log:

- agentId, userUPN, action, resource
- decision + reason + policyIds
- approval outcome (if any)
- correlationId for downstream tool execution

Why it matters: you now have a defensible answer to: “Why did an autonomous agent execute this action?”

Security signal bonus: Denials, unusual approval rates, and repeated policy mismatches can also indicate prompt injection attempts, mis-scoped agents, or governance drift.

What this enables (and why it scales)

With a shared Authorization Fabric:

- Avoid duplicating authorization logic across agents
- Standardize decisions across Copilot Studio + Foundry agents
- Update governance once (policy change) and apply everywhere
- Make autonomy safer without blocking productivity

Closing: Identity gets you who. Runtime authorization gets you whether/when/how.

Copilot Studio can automatically create Entra agent identities (preview), improving identity governance and visibility for agents. But safe autonomy requires a runtime decision plane. Securing that plane as an Entra-protected endpoint is foundational for enterprise deployments.
In enterprise environments, autonomous execution without runtime authorization is equivalent to privileged access without PIM—powerful, fast, and operationally risky.
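
The sample policy model and the deterministic evaluation order described in the post, worked through as an added Python example (not code from the original post). The policy pack keys other than version, effectiveFrom and priority, the request field names, the policy ids, and the choice to turn ALLOW into MASK when a classification rule requires masking are assumptions.

```python
from dataclasses import dataclass

# Constructed policy pack. version/effectiveFrom/priority and the role limits come
# from the post; every other key, value and policy id is an assumption.
POLICY_PACK = {
    "version": "1.0.0", "effectiveFrom": "2026-01-01", "priority": 100,
    "tenantId": "contoso-tenant",
    "allowedRegions": {"EU", "US"},
    "classification": {"Public": "ALLOW", "Confidential": "MASK", "Restricted": "DENY"},
    "roles": {  # role -> action -> spend limit (None = action carries no amount limit)
        "FinanceAnalyst": {"CreatePO": 50_000, "ViewVendor": None},
        "FinanceManager": {"CreatePO": 100_000},
    },
}

@dataclass(frozen=True)
class Decision:
    decision: str      # ALLOW / DENY / REQUIRE_APPROVAL / MASK
    reason: str
    policyIds: tuple   # policies that contributed, for the audit record

def evaluate(req: dict, pack: dict = POLICY_PACK) -> Decision:
    ctx = req.get("context", {})
    # 1) Tenant isolation and residency: hard deny; missing attributes fail closed.
    if ctx.get("tenantId") != pack["tenantId"]:
        return Decision("DENY", "tenant boundary violation", ("ABAC-TENANT",))
    if ctx.get("region") not in pack["allowedRegions"]:
        return Decision("DENY", "region not permitted", ("ABAC-REGION",))
    # 2) Classification: deny, or carry a masking obligation forward.
    effect = pack["classification"].get(ctx.get("classification"), "DENY")
    if effect == "DENY":
        return Decision("DENY", "classification not permitted", ("ABAC-CLASS",))
    ids = ("ABAC-CLASS",) if effect == "MASK" else ()
    # 3) RBAC: at least one of the caller's roles must grant the action.
    action, amount = req.get("action"), req.get("amount", 0)
    limits = [pack["roles"][r][action] for r in req.get("roles", [])
              if action in pack["roles"].get(r, {})]
    if not limits:
        return Decision("DENY", "no role grants this action", ids + ("RBAC-ENTITLEMENT",))
    if isinstance(amount, bool) or not isinstance(amount, (int, float)) or amount < 0:
        return Decision("DENY", "invalid amount", ids + ("RBAC-ENTITLEMENT",))
    ids += ("RBAC-ENTITLEMENT",)
    # 4) Threshold: the most generous limit among the granting roles applies.
    if not any(limit is None or amount <= limit for limit in limits):
        # 5) Approval injection: step up instead of a hard deny.
        return Decision("REQUIRE_APPROVAL", "threshold exceeded", ids + ("APPROVAL-THRESHOLD",))
    if effect == "MASK":
        return Decision("MASK", "allowed with masked data", ids)
    return Decision("ALLOW", "within entitlement", ids)
```

Because the tenant and residency checks return before the threshold check is reached, an over-limit request from the wrong tenant is denied outright and never enters the approval path.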
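
The pre-tool gate from the Semantic Kernel pseudo-pattern, together with the audit fields listed under telemetry, as an added Python example that is not the post's own code. authorize, request_approval and mask are hypothetical injected callables (the /authorize client, the approval workflow and a result redactor), and treating MASK as redaction of the tool's result is an assumption.

```python
import json
import logging
import uuid

audit_log = logging.getLogger("authz.audit")

class AuthorizationDenied(Exception):
    """Raised when the fabric does not permit the tool call."""

def guarded_call(tool, args, *, identity, authorize, request_approval, mask):
    """PEP gate: ask the PDP first, enforce its decision, audit every outcome."""
    correlation_id = str(uuid.uuid4())
    try:
        # Tool arguments travel under their own key so they cannot overwrite
        # agentId/userUPN in the authorization request.
        verdict = authorize({**identity, "action": tool.__name__, "parameters": args})
        if not isinstance(verdict, dict):
            raise ValueError("malformed decision payload")
    except Exception as exc:  # PDP unreachable or bad reply: fail closed
        verdict = {"decision": "DENY", "reason": f"authorization unavailable: {exc}"}
    decision, approval = verdict.get("decision"), None
    if decision == "REQUIRE_APPROVAL":
        approved = request_approval(verdict, correlation_id)
        approval = "approved" if approved is True else "rejected"
    # Anything other than an explicit ALLOW, MASK or granted approval blocks.
    permitted = decision in ("ALLOW", "MASK") or approval == "approved"
    record = {
        "agentId": identity.get("agentId"), "userUPN": identity.get("userUPN"),
        "action": tool.__name__, "resource": args.get("resource"),
        "decision": decision, "reason": verdict.get("reason"),
        "policyIds": verdict.get("policyIds", []),
        "approval": approval, "correlationId": correlation_id,
    }
    audit_log.info(json.dumps(record, default=str))  # one structured line per decision
    if not permitted:
        raise AuthorizationDenied(record["reason"] or "denied")
    result = tool(**args)
    return (mask(result) if decision == "MASK" else result), record
```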