Deploying an Agentic Service to Microsoft 365 Copilot with Delegated OBO Access

2026-04-24 · Source: Microsoft Foundry Blog articles · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cloud Computing & IT Infrastructure, Software Development & Engineering · Depth: Advanced, long

Summary

This guide details a method for deploying existing agentic services to Microsoft 365 Copilot without requiring a full rewrite into Copilot-native agents. The architecture involves placing a stateless M365 Gateway in front of an existing agentic service, allowing the service to retain its original orchestration logic, framework choices, and session management. The gateway handles the Bot Framework protocol, validates channel tokens, performs the first On-Behalf-Of (OBO) token exchange, and translates Copilot conversations into the service's native API. This approach enables user-delegated access to downstream services like databases and APIs via chained OBO flows, with the agentic service validating inbound service tokens and managing its own OBO chain. The deployment requires two Entra ID app registrations (one for the service, one for the gateway/Bot) and specific configuration for admin consent and Azure Bot OAuth connections.

Key takeaway

For AI Architects or MLOps Engineers integrating custom agentic services with Microsoft 365 Copilot, this pattern offers a robust alternative to full rewrites. You should implement a dedicated M365 Gateway to handle protocol translation and initial OBO, allowing your existing agentic service to maintain its framework and logic. This preserves control over orchestration and enables secure, user-delegated access to downstream APIs via chained OBO, significantly reducing refactoring effort and accelerating deployment.

Key insights

Deploy existing agentic services to Microsoft 365 Copilot using a gateway for protocol adaptation and chained OBO authentication.

Principles

• Separate trust boundaries for gateway and agentic service.
• User tokens never leave the OBO chain.
• JWT validation is non-negotiable at each boundary.

Method

Deploy a stateless M365 Gateway to adapt Bot Framework protocol and perform OBO #1, then forward to a stateful agentic service that validates tokens and performs OBO #2 for downstream access.

In practice

• Use ContextVar for async-safe OBO assertion passing.
• Implement session management with owner isolation and concurrency locks.
• Build a thin, reusable gateway for multiple agentic services.

Topics

• Microsoft 365 Copilot Integration
• Agentic Service Deployment
• On-Behalf-Of (OBO) Access
• M365 Gateway Architecture
• Entra ID App Registration

Code references

• james-tn/dbx-mcp-copilot

Best for: AI Engineer, AI Architect, MLOps Engineer

Related on AIssential

• Deploying Existing Agentic Services to Microsoft 365 Copilot via Gateway and OBO — Deploy existing agentic services to M365 Copilot by using a stateless gateway and chained On-Behalf-Of token exchanges for user-delegated access.
• Extending MCP support for Amazon Bedrock AgentCore Gateway — AgentCore Gateway centralizes MCP server governance, enabling scalable, secure, and stateful enterprise agent workflows.
• Microsoft's AI Futurist explains how he uses Copilot — and the real-world problems enterprises are solving with agents — Microsoft's agent strategy centers on providing a comprehensive platform for context, governance, identity, and secure data access, alongside diverse model choices.
• Agentic AI in the Enterprise Part 2: Guidance by Persona — Operationalizing agentic AI requires a cross-functional operating model, not just advanced technology.
• Unlocking the Codex harness: how we built the App Server — The Codex App Server unifies agent interactions via a stable, bidirectional JSON-RPC protocol for diverse client applications.
• Self-managed observability: Running agentic AI inside your boundary — Self-managed AI deployments necessitate robust internal observability for operational accountability and system reliability.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Microsoft Foundry Blog articles.