Contact Us 1-800-596-4880
  1. Homepage
  2. Exchange
  3. Administrator Tasks
  4. Discovering and Cataloging External Agents with Scanners

  5. Adding a Scanner for Microsoft Azure Copilot

Adding a Scanner for Microsoft Azure Copilot

Add a scanner to discover, import, and sync agents from Microsoft Azure Copilot into Exchange. Then you can govern the agents and consume them in other applications.

Before You Begin

This setup requires specific configurations and access privileges in Microsoft Copilot Studio and Power Platform so the scanner can access and list agents.

  • Prerequisites

    • An App Registration must be completed in the Azure Portal to generate necessary credentials.

  • Required Configuration Values:

    • Power Platform tenant ID

    • Power Platform client ID (Application ID)

    • Power Platform client secret

  • Required Permissions and Roles:

    Add the registered application as an Application User in Power Platform admin center and assign it the Copilot Studio Scanner Role security role.

  • Required Scopes:

High-level Steps to Configure Microsoft Copilot Studio

To configure Microsoft Copilot Studio before you add a scanner, review these high-level steps. For details, see the Microsoft Copilot Studio documentation.

  1. Create an app registration:

    1. Create a new app registration, select the account types, and register the application.

    2. Create client secrets and copy the values.

    3. Record these configuration values from the registered application. These values are required when adding a scanner in Exchange:

      • Client ID (Application ID)

      • Client Secret

      • Tenant ID (Directory ID)

  2. Configure permissions:

    1. In Power Platform, go to Environments and select the environment.

    2. Create a custom security role with read-only permission to the bot and botcomponents tables:

      1. Go to Security roles and add a new role.

      2. Add or select these values in the Create New Role panel, and then save:

        Field Value

        Role Name

        Copilot Studio Scanner Role

        Business Unit

        Select the business unit.

        Description

        Read-only access to scan Copilot Studio agent metadata.

        Applies To

        Copilot Studio scanning and auditing.

        Summary of Core Table Privileges

        Read access to the bot and botcomponents tables.

      3. From the Details page, enter bot to locate the Agent and Agent Component table records.

      4. Select Organization Access from the Read column for both Agent and Agent Component, and then save.

    3. In Power Platform admin center, create a new app user by selecting Application users and adding the app you created.

    4. Select the Business Unit and edit the Security Role by selecting the Copilot Studio Scanner Role that you created.

  3. After you complete these steps, add the scanner in Exchange.

Add a Scanner for Microsoft Copilot Studio

  1. Verify that you are in the business group where you want to add the scanner.

  2. From the sidebar in Exchange, click Agent Scanners.

  3. Enter a name for the scanner.

  4. From Scanner Run Configuration, complete these fields or options:

    Field/Option Value

    Run Schedule

    Select a frequency and time.

    Sync Review

    Select Auto-resolve.

  5. From Connection Configuration, complete these fields:

    Field Value

    Agent Provider

    Select Microsoft Azure Copilot.

    Authentication Method

    Select an option.

    Tenant ID

    Enter the tenant ID.

    Client ID

    Enter the client ID.

    Client Secret

    Enter the client secret.

    Scope

    Enter the URL.

  6. Click Test Connection.

    If the connection fails, review the Connection Configuration settings. Update the settings, and then test the connection again.

  7. To send email notifications:

    1. Select Advanced Settings and turn on Send Email Notifications.

    2. Enter an email address.

  8. Click Add Scanner.