By using Copilot Studio, you can quickly create and deploy high-value agents for your users that connect to many data sources and services. Some of these sources and services might be external, non-Microsoft services. They might even include social networks, alongside connections to your organizational data.
Organizational data is the most important asset that administrators are responsible for safeguarding. The ability to use that data in a protected way, while still connecting and interacting with other services and systems, is a cornerstone of data security.
Data policies let you govern how agents connect and interact with data and services, both within and outside your organization. Administrators can configure Copilot Studio and Power Platform data policies in the Power Platform admin center.
Important
Since early 2025, data policy enforcement is in effect for all tenants, as announced in the message center alert MC973179: Copilot Studio - Upcoming updates to data loss prevention enforcement.
Agent data policy enforcement exemption is no longer supported. Agents that were previously exempted from data policy enforcement are all subject to enforcement.
Learn about troubleshooting data policy enforcement in your tenant.
Prerequisites
- Review concepts about data policies.
- Be a tenant admin or have the Environment Admin role.
Copilot Studio connectors and data groups
In the Power Platform admin center, you can classify Copilot Studio connectors within a data policy under the following data groups:
- Business
- Non-business
- Blocked
Use these connectors in data policies to protect your organization's data from any malicious or unintentional data exfiltration by your agent makers.
The default group of a data policy is the data group that a connector falls into when the policy doesn't classify it explicitly. Connectors introduced after 2019, such as Chat without Microsoft Entra ID authentication in Copilot Studio or Direct Line channels in Copilot Studio, are therefore likely to sit in the default group, which is "Non-business" unless an administrator changes it.
In many organizations, connectors in the "Non-business" group are blocked. If a data policy blocks a connector in your Copilot Studio tenant, first check which data group the connector is in, including whether it's there only because it fell into the default group.
Administrators can configure default groups at the data policy level in the Power Platform admin center.
Important
Copilot Studio supports data policy enforcement in real time. Agent makers and users see error messages for any data policy violation.
Within a data policy, all the connectors that a single agent uses must be in the same data group, because data can't flow between connectors that are in different groups. For example, an agent that uses both the HTTP connector and a knowledge source connector violates the policy if one of those connectors is in the Business group and the other is in the Non-business group, even though neither is blocked.
Common data policy use cases for Copilot Studio agents
You can use Copilot Studio connectors in the Power Platform admin center to configure data policies for the following common use cases:
- Require user authentication
- Block knowledge sources
- Block using Power Platform connectors as tools
- Block HTTP requests
- Block skills
- Block publishing to specific channels
- Block event triggers
The connector table later on this page lists a few more use cases, such as blocking the connection to Application Insights.
Require user authentication
When you create a new agent, the Authenticate with Microsoft authentication option is on by default. The agent automatically uses Microsoft Entra ID authentication without requiring any manual setup, and with this option users can chat with the agent only in Microsoft Teams, SharePoint, Power Apps, or Microsoft 365 Copilot. However, agent makers in your organization can select No authentication to allow anyone with the link to chat with your agent.
To prevent agent makers from publishing agents that don't require authentication, configure a data policy that blocks the connector Chat without Microsoft Entra ID authentication in Copilot Studio.
Once you set up this data policy, agent makers can only use Authenticate with Microsoft or Authenticate manually to configure user authentication for agents in Copilot Studio, and agent users must authenticate themselves to chat with the agent.
Block knowledge sources
Use data policies to control which knowledge sources agent authors can use.
To prevent agent makers from publishing agents that use specific types of knowledge sources, configure a data policy that blocks one or more of the following connectors:
- Knowledge source with SharePoint and OneDrive in Copilot Studio
- Knowledge source with public websites and data in Copilot Studio
- Knowledge source with documents in Copilot Studio
Alternatively, if you want to allow or deny specific endpoints for SharePoint or public websites that makers can use as knowledge sources for their Copilot Studio agents, use endpoint filtering instead of blocking the selected connector.
Block using Power Platform connectors as tools
To prevent agent makers from using Power Platform connectors as tools in Copilot Studio agents, configure a data policy with the connectors you want to block.
Block HTTP requests
Agent makers in your organization can make HTTP requests by using the HTTP request node.
To prevent agent makers from publishing agents that make HTTP requests, configure a data policy that blocks the HTTP connector.
Alternatively, if you want to allow or deny specific HTTP endpoints instead of blocking all HTTP calls, you can use endpoint filtering.
Block skills
Agent makers in your organization can extend agents with skills. Skills can be a useful way of extending the functionality of agents. However, for security purposes, you might want to configure which skills agents can use.
To prevent agent makers from publishing agents that use skills, configure a data policy that blocks the Skills with Copilot Studio connector.
Block publishing to specific channels
Use data policies to configure the channels through which makers can publish agents.
To prevent agent makers from publishing agents to specific channels, configure a data policy that blocks one or more of the following connectors:
- Microsoft Teams + M365 Channel in Copilot Studio
- Direct Line channels in Copilot Studio (applies to the Demo website, custom websites, mobile app, and other Direct Line channels)
- Facebook channel in Copilot Studio
- Omnichannel in Copilot Studio
- SharePoint channel in Copilot Studio
- WhatsApp channel in Copilot Studio
Note
An agent can be published only if it's configured for at least one channel that the data policy allows. If administrators block every channel, or if makers configure their agents only for channels that are blocked, the agents can't be published. Direct Line channels are allowed by default unless you block that connector.
Block event triggers
Agent makers in your organization can add event triggers to agents. Event triggers allow your agents to react to external events without human prompting. However, you might want to restrict their use to prevent data exfiltration or unwanted consumption or quota usage.
To prevent agent makers from adding event triggers to their agents or running automated evaluations by using an authenticated account, configure a data policy that blocks the Microsoft Copilot Studio connector.
Connector names in the Power Platform admin center
The following table provides the name of connectors you can use in data policies for Copilot Studio agents.
| To prevent agent makers from... | Connector name in the Power Platform admin center |
|---|---|
| Connecting agents with Application Insights. | Application Insights in Copilot Studio |
| Publishing agents that aren't configured for authentication. | Chat without Microsoft Entra ID authentication in Copilot Studio |
| Publishing agents that make HTTP requests. | HTTP (supports endpoint filtering to allow or deny endpoints) |
| Publishing agents configured with documents as a knowledge source. | Knowledge source with documents in Copilot Studio |
| Publishing agents configured with public websites as a knowledge source. | Knowledge source with public websites and data in Copilot Studio (supports endpoint filtering to allow or deny endpoints) |
| Publishing agents configured with SharePoint as a knowledge source. | Knowledge source with SharePoint and OneDrive in Copilot Studio (supports endpoint filtering to allow or deny endpoints) |
| Publishing to Direct Line channels. | Direct Line channels in Copilot Studio |
| Publishing to the Dynamics 365 Customer Service channel. | Omnichannel in Copilot Studio |
| Publishing to the Facebook channel. | Facebook channel in Copilot Studio |
| Publishing to the SharePoint channel. | SharePoint channel in Copilot Studio |
| Publishing to the Teams and Microsoft 365 Copilot channel. | Microsoft Teams + M365 Channel in Copilot Studio |
| Publishing to the WhatsApp channel. | WhatsApp channel in Copilot Studio |
| Using event triggers in Copilot Studio agents or running automated evaluations using authenticated accounts. | Microsoft Copilot Studio |
| Using Power Platform connectors as tools in Copilot Studio agents. | Many prebuilt and custom connectors |
| Using skills in Copilot Studio agents. | Skills with Copilot Studio |
Configure a data policy in the Power Platform admin center
1. Sign in to the Power Platform admin center.
2. On the side bar, select Security, and then select Data and privacy. The Data protection and privacy page opens.
3. Select Data policy. The Data policies list appears.
4. Create a new data policy, or choose an existing data policy to edit:
   - To create a new data policy, select New Policy, then enter the name you want.
   - To edit an existing data policy, select the data policy and select Edit Policy.
5. Select Next. The Add an environment page appears.
   - To add an environment to your data policy, select the environment in the Available tab, then select Add to policy.
   - To remove an environment from your data policy, switch to the Added to policy tab, select the environment, then select Remove from policy.
6. Select Next. The Assign connectors page appears.
7. Use the search box to find the connector you want.
8. Select the three dots (⋮) next to the connector, then:
   - If you want to prevent agent makers from using the features associated with the connector, select Block.
   - If you want to allow or deny specific endpoints for SharePoint or public websites configured as knowledge sources, or for HTTP requests:
     - Select Configure connector > Connector endpoints.
     - Add the endpoints or patterns you want, then select Save.
9. Select Next.
10. If you're a tenant admin, or an environment admin for multiple environments, the Define scope page opens. Select the option you want:
    - Add all environments: Adds all the environments in your entire tenant. This policy automatically applies to any new environment created in the tenant.
    - Add multiple environments: Choose the environments to include in this policy.
    - Exclude certain environments: Choose the environments to exclude from this policy.

    Note

    Policies with a tenant scope apply to all agents in all environments across the tenant.
11. Select Next.
12. Review your policy, then select Create policy if you're creating a new policy or Update policy if you're editing an existing policy.
13. Go to Copilot Studio and verify that it enforces your data policy as expected for your use case.
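The admin center shows one policy at a time, so after you create or edit policies it's useful to audit from the admin side which data group each Copilot Studio connector lands in across every policy in the tenant, including connectors that are only in a group because they fell into the policy's default group. The following script is an added example, not part of the original page or a Microsoft sample. It assumes the Microsoft.PowerApps.Administration.PowerShell module is installed, that Get-DlpPolicy returns objects with a ConnectorGroups collection (each with a classification and a connectors list carrying a name) and a DefaultConnectorsClassification property, and that the API classification names Confidential, General and Blocked map to the admin center labels Business, Non-business and Blocked. Confirm the property names with `Get-DlpPolicy | Get-Member` before relying on them; the connector names come from the table on this page.

```powershell
# Added example (not from the original page): audit where each Copilot Studio
# connector sits in every data policy in the tenant.
# Assumptions: Microsoft.PowerApps.Administration.PowerShell is installed, and
# Get-DlpPolicy exposes ConnectorGroups (classification + connectors[].name)
# plus DefaultConnectorsClassification. Verify with Get-DlpPolicy | Get-Member.
Import-Module Microsoft.PowerApps.Administration.PowerShell
Add-PowerAppsAccount

# API classification names versus the labels shown in the admin center.
$groupLabel = @{ Confidential = 'Business'; General = 'Non-business'; Blocked = 'Blocked' }

# Connectors from this page's table that control agent behaviour.
$watch = @(
    'Chat without Microsoft Entra ID authentication in Copilot Studio',
    'Knowledge source with SharePoint and OneDrive in Copilot Studio',
    'Knowledge source with public websites and data in Copilot Studio',
    'Knowledge source with documents in Copilot Studio',
    'Direct Line channels in Copilot Studio',
    'Skills with Copilot Studio',
    'Microsoft Copilot Studio',
    'HTTP'
)

$report = foreach ($policy in Get-DlpPolicy) {
    # Index the connectors the policy classifies explicitly, by display name.
    $placed = @{}
    foreach ($group in $policy.ConnectorGroups) {
        foreach ($connector in $group.connectors) {
            if ($connector.name) { $placed[$connector.name] = $groupLabel[$group.classification] }
        }
    }
    foreach ($name in $watch) {
        # A connector the policy doesn't list falls into the policy's default group.
        $explicit = $placed.ContainsKey($name)
        if ($explicit) { $dataGroup = $placed[$name] }
        else           { $dataGroup = $groupLabel[$policy.DefaultConnectorsClassification] }
        [pscustomobject]@{
            Policy    = $policy.DisplayName
            Scope     = $policy.EnvironmentType
            Connector = $name
            DataGroup = $dataGroup
            Explicit  = $explicit
        }
    }
}

$report | Sort-Object Policy, Connector | Format-Table -AutoSize

# The check the "Require user authentication" use case calls for: the
# unauthenticated-chat connector should be Blocked in every policy.
$report |
    Where-Object { $_.Connector -like 'Chat without*' -and $_.DataGroup -ne 'Blocked' } |
    ForEach-Object {
        Write-Warning "Policy '$($_.Policy)': '$($_.Connector)' is in the $($_.DataGroup) group, not Blocked"
    }
```

Rows with Explicit set to False are the ones to look at first: the connector is in that group only because the policy's default group put it there, which is exactly the situation described under Copilot Studio connectors and data groups. Run the script again after each policy change so the audit reflects the tenant as a whole rather than the one policy you just edited.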
Confirm data policy enforcement in Copilot Studio
You can confirm that a data policy is in effect by opening an agent in Copilot Studio. After you attempt to perform an operation that's subject to the data policy, an error banner appears with a Details button. To see details, on the Channels page, expand the error link and select Download. In the details file, a row describes each violation. When a data policy violation occurs, the Publish button becomes unavailable.
- Confirm user authentication is required
- Confirm knowledge sources are blocked
- Confirm Power Platform connectors can't be used as tools
- Confirm HTTP requests are blocked
- Confirm skills are blocked
- Confirm publishing to specific channels is blocked
- Confirm event triggers are blocked
Confirm user authentication is required
When you open an agent that isn't configured to require user authentication in an environment with a data policy that requires it, an error banner appears with a Details button. To see details, on the Channels page, expand the error link and select Download. In the details file, a row describes each violation.
An agent maker can contact their admins with the spreadsheet details to make appropriate updates to the data policy.
Alternatively, the agent maker can update the agent's authentication settings to Authenticate with Microsoft or Authenticate manually (Azure Active Directory or Azure Active Directory v2) in the Authentication configuration page. See Configure user authentication in Copilot Studio.
Notice that No authentication and some manual authentication options aren't available for selection.
Confirm knowledge sources are blocked
1. In Copilot Studio, open an agent in an environment with a data policy that prevents makers from adding specific knowledge sources.
2. Go to the Knowledge page, select Add knowledge, and add a knowledge source that your data policy blocks.
3. Try publishing the agent. If the policy is enforced, an error banner appears with a Details button.
4. On the Channels page, expand the error link and select Download to see details. In the details file, if there's a data policy violation for a knowledge source, a row appears for the knowledge source and for each generative answers node that uses that knowledge source.
Confirm Power Platform connectors can't be used as tools
1. In Copilot Studio, open an agent in an environment with a data policy that prevents makers from configuring tools based on Power Platform connectors.
2. Create a new topic and add a Tool node.
3. In the Add a tool panel, switch to the Connectors tab and select a connector that your data policy blocks. Use the search box if needed.
4. Save the topic and try publishing the agent. If the policy is enforced, an error banner appears with a Details button.
5. On the Channels page, expand the error link and select Download to see details.
Note
Classic chatbots don't support Power Platform connectors.
Confirm HTTP requests are blocked
1. In Copilot Studio, open an agent in an environment with a data policy that blocks HTTP requests.
2. Create a new topic and add an HTTP request node. At a minimum, populate the URL property.
3. Save the topic and try publishing the agent. If the policy is enforced, an error banner appears with a Details button.
4. On the Channels page, expand the error link and select Download to see details. In the details file, a row appears with a description for each violation. A violation occurs if the HTTP connector is blocked, if the HTTP connector is in a different data group than other connectors in your data policy, or if the HTTP connector isn't blocked but the endpoint is denied by endpoint filtering.
Confirm skills are blocked
1. In Copilot Studio, open an agent in an environment with a data policy that prevents makers from configuring skills.
2. Try to add a skill to the agent. If the data policy is enforced, the Add a skill panel reports an error and suggests you contact an admin to add the skill to the allow list.
Confirm publishing to specific channels is blocked
1. In Copilot Studio, open an agent in an environment with a data policy that prevents makers from publishing to specific channels.
2. Try configuring a channel that the data policy blocks. If the data policy is enforced, you can't publish to that channel.
Confirm event triggers are blocked
1. In Copilot Studio, open an agent in an environment with a data policy that prevents makers from adding event triggers.
2. Check the Triggers section on the Overview page. If the policy is enforced, a detailed error message appears there. The message mentions the name of the data policy and suggests you contact your admin.
Identify and troubleshoot the impact of data policies
To find agents that your organization's data policies might affect, you can:
- Use the Power BI dashboard of the Center of Excellence (CoE) Starter Kit. The Copilot Studio overview page on the CoE Dashboard lists the agents and environments in your organization.
Note
Classic chatbots created by using the legacy Microsoft Copilot Studio app in Microsoft Teams aren't discoverable in the CoE Starter Kit. To get a list of all agents and classic chatbots in an environment, you can create a Power Automate cloud flow with a List rows from selected environment Dataverse action.
To address data policy errors or updated data policies, run a campaign with the agent makers in your organization. To download all agent data policy errors, select Details in the error notification banner and select Download from the error message details.
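When the CoE Starter Kit isn't deployed, you can build the same inventory the page's Power Automate "List rows" approach produces by querying the Dataverse bot table directly from PowerShell, once per environment. The following script is an added example, not part of the original page or a Microsoft sample. It assumes the Microsoft.PowerApps.Administration.PowerShell and Az.Accounts modules are installed and signed in (Add-PowerAppsAccount and Connect-AzAccount with an account that can read every environment), that each environment's Dataverse URL is exposed by Get-AdminPowerAppEnvironment under Internal.properties.linkedEnvironmentMetadata.instanceUrl, and that the bots entity set exposes the name, schemaname, publishedon and authenticationmode columns. The authenticationmode values aren't documented on this page, so the script reports the raw value; map it using the Dataverse bot table reference.

```powershell
# Added example (not from the original page): inventory Copilot Studio agents in
# every environment by reading the Dataverse "bots" table, the same table the
# page's Power Automate "List rows" action reads.
# Assumptions: Microsoft.PowerApps.Administration.PowerShell and Az.Accounts are
# installed and signed in; the instanceUrl path and the selected bot columns are
# as described in the lead-in and should be verified in your tenant.
Import-Module Microsoft.PowerApps.Administration.PowerShell
Import-Module Az.Accounts

function Get-DataverseRows {
    param([string]$InstanceUrl, [string]$Query)
    # Recent Az.Accounts releases return the token as a SecureString; unwrap it.
    $token = (Get-AzAccessToken -ResourceUrl $InstanceUrl).Token
    if ($token -is [securestring]) {
        $token = [System.Net.NetworkCredential]::new('', $token).Password
    }
    $headers = @{
        Authorization      = "Bearer $token"
        Accept             = 'application/json'
        'OData-MaxVersion' = '4.0'
        'OData-Version'    = '4.0'
    }
    $url = "$($InstanceUrl.TrimEnd('/'))/api/data/v9.2/$Query"
    # Follow @odata.nextLink so environments with many agents are paged completely.
    while ($url) {
        $page = Invoke-RestMethod -Uri $url -Headers $headers -Method Get
        $page.value
        $url = $page.'@odata.nextLink'
    }
}

# Single-quoted so the OData $select isn't expanded as a PowerShell variable.
$query = 'bots?$select=botid,name,schemaname,publishedon,authenticationmode'

$agents = foreach ($environment in Get-AdminPowerAppEnvironment) {
    $instanceUrl = $environment.Internal.properties.linkedEnvironmentMetadata.instanceUrl
    if (-not $instanceUrl) { continue }   # no Dataverse in this environment, so no agents
    try {
        Get-DataverseRows -InstanceUrl $instanceUrl -Query $query | ForEach-Object {
            [pscustomobject]@{
                Environment        = $environment.DisplayName
                Agent              = $_.name
                SchemaName         = $_.schemaname
                PublishedOn        = $_.publishedon
                AuthenticationMode = $_.authenticationmode   # raw choice value, see lead-in
            }
        }
    } catch {
        Write-Warning "Skipping $($environment.DisplayName): $($_.Exception.Message)"
    }
}

$agents | Sort-Object Environment, Agent | Format-Table -AutoSize
$agents | Export-Csv -Path .\copilot-studio-agents.csv -NoTypeInformation
```

The CSV gives you the maker campaign's target list: every agent, the environment it lives in (and therefore which data policies apply), and its authentication mode, so agents that still allow unauthenticated chat can be contacted first. Unlike the CoE Starter Kit, this reads Dataverse directly and so does include classic chatbots stored in the same table.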
If data policies affect the functionality of your agents, see Troubleshoot data policy enforcement for Copilot Studio.
Add and update the "Learn more" and admin contact email links
Use the New-PowerAppDlpErrorSettings PowerShell cmdlet to add an admin contact email address and a "Learn more" link to the data policy error messages, and Set-PowerAppDlpErrorSettings to change them later.
To add the email address and "Learn more" link, run the following PowerShell script. Replace the values for the <email>, <URL>, and <tenant ID> parameters with your own.
```powershell
# Assumes the Microsoft.PowerApps.Administration.PowerShell module is installed
# and that you sign in with a tenant admin account.
Import-Module Microsoft.PowerApps.Administration.PowerShell
Add-PowerAppsAccount

# Admin contact shown in the data policy error message
$ContactDetails = [pscustomobject] @{
    Enabled=$true
    Email="<email>"
}

# "Learn more" link shown in the data policy error message
$ErrorMessageDetails = [pscustomobject] @{
    Enabled=$true
    Url="<URL>"
}

$ErrorSettingsObj = [pscustomobject] @{
    ErrorMessageDetails=$ErrorMessageDetails
    ContactDetails=$ContactDetails
}

New-PowerAppDlpErrorSettings -TenantId "<tenant ID>" -ErrorSettings $ErrorSettingsObj

# Read the settings back to confirm what the tenant now stores
Get-PowerAppDlpErrorSettings -TenantId "<tenant ID>"
```
To update an existing configuration, use the same PowerShell script, but replace New-PowerAppDlpErrorSettings with Set-PowerAppDlpErrorSettings.
Warning
These settings apply to all Power Platform apps within the specified tenant.