Microsoft recommends using the Model Context Protocol (MCP) as the standard approach for giving Copilot Studio agents secure, authenticated access to tools and data — including Microsoft 365 services. MCP acts as a secure bridge between your agent and external systems, replacing fragile custom API connectors with a standardized, governance-friendly protocol.
| Pattern | When to Use | Example |
|---|---|---|
| Platform-native orchestration | Internal flows with sub-agents, low complexity | Copilot Studio calling Power Automate flows |
| MCP | Secure, authenticated access to tools and data | Agent accessing SharePoint, Jira, Salesforce via MCP servers |
| A2A Protocol | Cross-platform messaging between agents from different vendors | Copilot Studio agent delegating to a LangGraph agent |
In the Maker Portal, navigate to Settings → Tools → Add an MCP Server. You can connect any MCP-compatible server using Streamable HTTP transport and OAuth 2.1 authentication. Once connected, the server's tools automatically appear as available actions in the agent's orchestration layer.
Microsoft provides first-party MCP servers for core M365 services, enabling agents to securely access:
Administrators now have access to Power Platform Inventory, a unified view of all cloud flows, Copilot Studio agent flows, and agent workflows across all environments in the tenant. This is essential for governance, compliance, and understanding the blast radius before making tenant-wide changes.