In mid-September 2025, Microsoft is set to launch a pivotal administrative feature within Microsoft 365, empowering IT administrators to oversee organization-wide sharing permissions for user-created Copilot agents. This initiative addresses escalating enterprise concerns regarding governance and security in the deployment of AI agents across organizational structures.
Key Highlights:
1. Tenant-Level Management: Microsoft is introducing a tenant-level feature within the admin center, enabling precise control over Copilot agent sharing permissions.
2. Flexible Permission Settings: Administrators can configure settings to allow all users, restrict all users, or permit specific groups to create sharing links.
3. Default Settings Remain Unchanged: Unless administrators customize the settings, the default sharing behavior will remain as is.
Enhanced Governance Controls:
The forthcoming administrative control will be accessible via the Microsoft 365 admin center by navigating through: Copilot > Settings > Data access > Agents. This granular control mechanism allows IT administrators to define which users or groups within their organization can generate organization-wide sharing links for agents developed using the Microsoft Copilot Studio Agent Builder.
This feature marks a significant advancement in Microsoft’s enterprise AI governance framework, enabling organizations to implement policy-driven access controls that align with their internal governance structures and compliance mandates.
By default, the existing sharing behavior remains unchanged, ensuring seamless continuity for organizations that do not require immediate policy adjustments. However, once the feature is implemented, administrators can configure three distinct permission levels:
– Allow All Users: Permits all users to create sharing links.
– Restrict All Users: Prevents all users from creating sharing links.
– Role-Based Access Control (RBAC): Grants specific users and security groups the ability to create sharing links.
Rollout Timeline:
The rollout is scheduled to commence with General Availability worldwide in mid-September 2025, with full deployment anticipated by late September 2025. This phased approach ensures minimal disruption to existing workflows while providing organizations ample time to assess their current agent sharing policies and implement appropriate controls.
From a technical standpoint, this feature addresses critical enterprise concerns regarding data governance and information security in AI-powered collaboration tools. Organizations can now establish comprehensive policies that prevent unauthorized distribution of proprietary AI agents while maintaining operational flexibility for approved users.
The control mechanism integrates seamlessly with existing Microsoft 365 security frameworks, leveraging established Azure Active Directory identity management systems.
Microsoft recommends that organizations proactively review their existing sharing policies and update settings according to their specific governance requirements. This strategic approach to AI agent management reflects the growing enterprise demand for sophisticated administrative controls in generative AI deployments, particularly as organizations increasingly rely on custom-built agents for sensitive business processes and proprietary data analysis.
