Listen to this Post

Introduction:
As organizations rapidly deploy AI agents, centralized visibility into each agent’s model, authentication method, and orchestration logic becomes a critical security necessity. The Power Platform Admin Center’s new preview columns for Copilot Studio eliminate the need to inspect agents individually, offering tenant-wide transparency that directly impacts risk assessment, compliance auditing, and threat mitigation.
Learning Objectives:
- Identify and interpret the seven new preview columns to assess AI agent security postures at scale.
- Implement PowerShell and REST API commands to automate validation of agent authentication and model configurations.
- Apply hardening techniques for classic vs. generative orchestration to prevent prompt injection and data leakage.
You Should Know:
- Enumerating Agent Inventory with Admin Center & PowerShell
The new preview columns expose vital telemetry: Model Used (e.g., GPT-4, custom), Authentication Setup (OAuth2, no auth, Azure AD), and Orchestration Type (Classic or Generative). Before this feature, manual audits required opening each agent or deploying the Copilot Studio Kit.
Step‑by‑Step Guide to Enumerate and Audit Agent Security Settings
Step 1: Access Preview Columns in Power Platform Admin Center
– Navigate to https://admin.powerplatform.microsoft.com → Manage → Copilot Studio → Agents.
– Click “Columns” → Enable the 7 preview columns: Model, Authentication, Orchestration, Knowledge Sources, Data Loss Prevention (DLP) policy, Publishing Status, and Last Published Date.
Step 2: Automated Inventory via PowerShell (Requires Power Apps Admin Module)
Install and import module
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell -Force
Import-Module Microsoft.PowerApps.Administration.PowerShell
Authenticate
Add-PowerAppsAccount
Retrieve all Copilot agents in the tenant
$agents = Get-AdminPowerApp -Filter "Type eq 'Copilot'"
Extract authentication and model data
$agents | ForEach-Object {
$agentDetails = Get-AdminPowerApp -AppName $<em>.AppName
[bash]@{
AgentName = $</em>.DisplayName
AuthType = $agentDetails.Properties.authenticationType
Model = $agentDetails.Properties.modelId
Orchestration = $agentDetails.Properties.orchestrationType
}
} | Export-Csv -Path "CopilotAudit.csv" -NoTypeInformation
Step 3: Check for High‑Risk Configurations
- No Authentication – Any agent without authentication is open to anonymous abuse. Immediately enforce Azure AD or OAuth.
- Classic Orchestration – Uses deterministic flows; less prone to prompt injection but rigid.
- Generative Orchestration – Dynamic LLM reasoning; high risk of prompt injection and data exfiltration. Require DLP policies.
Step 4: Use Graph API for Cross‑Tenant Compliance (REST)
Replace with actual tenant ID and token curl -X GET "https://api.powerplatform.com/copilot/agents?`$select=displayName,authentication,model,orchestrationType" ` -H "Authorization: Bearer $ACCESS_TOKEN" | jq '.' > agents_report.json
2. Authentication Hardening for Copilot Agents
Agents with weak authentication become vectors for privilege escalation or data theft. The new column “Authentication” reveals misconfigurations instantly.
Step‑by‑Step Guide to Remediate and Harden Authentication
Step 1: Identify Agents with “No Auth” or “Legacy OAuth”
– From the Admin Center, filter the Authentication column to sort by “No authentication” and “OAuth 1.0”.
Step 2: Migrate to Azure AD Conditional Access
– Open the agent in Copilot Studio → Settings → Security → Authentication.
– Select “Azure Active Directory” → Require users to sign in.
– Enforce Conditional Access policies (e.g., MFA, compliant device).
Step 3: Block Anonymous Access via PowerShell
Block anonymous use by updating the agent's properties $app = Get-AdminPowerApp -AppName "agent-name" $app.Properties.requiredLogin = $true Set-AdminPowerApp -AppName $app.AppName -Properties $app.Properties
Step 4: API Security – Validate Tokens on Custom Connectors
For agents using custom APIs, ensure OAuth 2.0 Client Credentials flow with scoped permissions.
Test token endpoint
curl -X POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token `
-d "client_id=xxx" -d "client_secret=yyy" -d "scope=api://.default" -d "grant_type=client_credentials"
Verify token audience and roles
3. Orchestration Security: Classic vs. Generative
The “Orchestration” column flags which agents rely on generative LLM orchestration – a primary target for prompt injection attacks.
Step‑by‑Step Guide to Secure Generative Orchestration
Step 1: Identify Generative Agents
- In the Admin Center, sort by Orchestration = “Generative”.
- Prioritize agents that access sensitive data (SharePoint, SQL, or Service Bus).
Step 2: Implement Input Guardrails
- In Copilot Studio → Topic → Trigger → Add validation.
- Use regex or allowed list to block system prompt overrides (e.g., block phrases like “Ignore previous instructions”).
Example guardrail YAML</li> <li>name: "Block prompt injection" condition: "user_input contains 'ignore' AND user_input contains 'instructions'" action: "block and log"
Step 3: Apply Data Loss Prevention (DLP) Policies
- In Power Platform Admin Center → Data Policies → Create new policy.
- Block data connectors from generative agents (e.g., deny HTTP requests to external domains).
- Force all generative agents to use “Business” data classification only.
Step 4: Monitor Orchestration Logs with KQL
// Azure Monitor query for suspicious orchestration attempts CopilotOrchestrationLogs | where OrchestrationType == "Generative" | where Response contains "sensitive_data" or ErrorCode contains "prompt_injection" | project TimeGenerated, AgentName, UserPrincipalName, UserInput, Response
4. Model Auditing and API Hardening
The “Model” column reveals which LLM (e.g., GPT-3.5, GPT-4, custom) each agent uses. Older models lack modern alignment and are more vulnerable to adversarial inputs.
Step‑by‑Step Guide to Model‑Level Hardening
Step 1: Enforce Approved Model Versions
- Use PowerShell to script compliance checks:
$approvedModels = @("gpt-4", "gpt-4-turbo", "azure-gpt-4") $nonCompliant = $agents | where {$_.Properties.modelId -notin $approvedModels} $nonCompliant | Export-Csv "noncompliant_models.csv"
Step 2: Restrict Model Access via Azure Policy
- Assign policy “Allowed model SKUs for Copilot” to subscription.
{ "if": { "field": "Microsoft.Copilot/modelSku", "notIn": ["Standard_GPT4", "Standard_GPT4_Turbo"] }, "then": { "effect": "deny" } }
Step 3: Implement Rate Limiting and Token Filtering
- For publicly exposed agents, configure API Management (APIM) with rate limits (e.g., 100 requests/minute per user).
- Add inbound policy to reject malicious tokens:
<inbound> <choose> <when condition="@(context.Request.Headers.GetValueOrDefault("Authorization","").Contains("Bearer") == false)"> <return-response status="401" /> </when> </choose> </inbound>
What Undercode Say:
- Visibility is prevention: The new preview columns turn blind spots into audit-ready forensics; security teams can now enforce “no unauthenticated AI” policies tenant‑wide.
- Generative orchestration demands zero trust: Assume every generative agent can be jailbroken. Combine DLP, input guardrails, and real‑time logging to contain blast radius.
- Automate, don’t just observe: Use the provided PowerShell and REST scripts to continuously monitor and auto‑remediate misconfigurations before they become breaches.
Prediction:
Within 12 months, regulatory frameworks (e.g., EU AI Act, NIST AI RMF) will mandate exactly this level of agent inventory auditability. Platforms that fail to expose authentication and model columns will lose enterprise trust. Expect SIEM and SOAR integrations to ingest these preview columns natively, triggering automated incident response when a generative agent appears without MFA or with an unsupported model version. The Power Platform Admin Center’s move signals a broader shift: AI security will no longer rely on self‑reporting but on machine‑enforced, tenant‑wide telemetry.
▶️ Related Video (80% Match):
🎯Let’s Practice For Free:
IT/Security Reporter URL:
Reported By: Https: – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


