Automatic security scan in Copilot Studio

By default, agents are secure. However, makers can change the default security settings for valid scenarios without being aware of the risk. Copilot Studio automatically runs a security scan and warns makers before they publish.

Makers see risks when the following secure default settings are updated:

  • The maker sets the authentication mode for an agent to No authentication, which allows anyone who has the link to interact with the agent. The default agent authentication mode is Authenticate with Microsoft, but makers can select No authentication instead. For more information, see Choose an authentication option.

  • The maker selects the Maker-provided credentials option under Credentials to use for connectors and flows. The default option for connectors and flows is End user credentials, and the security scan warns the maker if it is changed to Maker-provided credentials. For more information, see Use connectors with maker-provided credentials.

  • The maker shares an agent with everyone in the organization. By default, an agent is shared with no one, but makers can then share it with everyone in the organization. For more information, see Share an agent with everyone in the organization.