AI agents should require user authentication
Why This Matters
Allowing anonymous access to Copilot Studio agents introduces a significant security risk. Without user authentication, anyone with the agent's link can interact with it, potentially exposing sensitive data or functionality to unauthorized users. Enforcing authentication ensures that only verified users within your tenant can access and use each agent.
What Aether365 Checks
This check scans all Copilot Studio agents in your Microsoft 365 tenant and identifies any configured with no user authentication, meaning they permit anonymous access. It appears in the Aether365 dashboard under the microsoft-365 checks section.