Microsoft Copilot Studio + AxonFlow Integration
How to use this doc:
- Understanding the problem? Read sections 1–4
- Ready to implement? Jump to Integration Pattern
What Copilot Studio Does Well
Microsoft Copilot Studio is Microsoft's enterprise AI agent platform. Its strengths are substantial for Microsoft-centric organizations:
Native Microsoft 365 Integration: Deep integration with Teams, Outlook, SharePoint, and the entire Microsoft 365 suite. Build agents where your users already work.
Multi-Agent Orchestration: Build agent teams that collaborate on complex tasks. Agents can delegate and coordinate.
1,400+ Connectors: Power Platform and MCP connectors to enterprise systems. Connect to Salesforce, SAP, ServiceNow, and more.
GPT-4 Family Support: Access to the latest OpenAI models through Azure OpenAI. Enterprise-grade model access.
Microsoft Entra ID: Built-in authentication and identity. Leverage existing enterprise SSO.
Multi-Channel Deployment: Deploy to Teams, web, WhatsApp, and custom channels. Meet users where they are.
What Copilot Studio Doesn't Try to Solve
Copilot Studio focuses on agent building and Microsoft integration. These concerns are explicitly out of scope:
| Production Requirement | Copilot Studio's Position |
|---|---|
| Cross-platform policy enforcement | Not provided—policies are Azure-specific |
| Unified audit trails | Relies on Azure Monitor—not unified across AI systems |
| Per-agent cost attribution | Not tracked at agent level—Azure subscription level |
| Real-time PII blocking | Relies on Azure Content Safety—not custom policies |
| SQL injection prevention | Not provided—must implement in Power Automate flows |
| Multi-cloud governance | Not addressed—Azure-centric |
| Custom policy rules | Limited to Azure governance capabilities |
This isn't a criticism—it's a design choice. Copilot Studio handles Microsoft integration. Cross-platform governance is a separate concern.
Where Teams Hit Production Friction
Based on real enterprise deployments, here are the blockers that appear after the prototype works:
1. The Multi-Cloud Reality
The company uses Azure for Copilot Studio, AWS for other AI workloads, and GCP for data. One audit trail is needed. Copilot Studio's logging doesn't extend beyond Azure.
2. The Power Automate Cost Spiral
A Power Automate flow triggers an agent. The agent makes decisions. Each decision triggers more flows. By month-end, Power Automate costs have spiked unexpectedly.
Copilot Studio processed requests as designed. Flow costs weren't in scope.
3. The "What Did The Agent Access?" Question
The team is asked which SharePoint sites an agent accessed. Copilot Studio logs agent conversations, but connector-level access patterns require separate Azure Monitor queries and correlation.
4. The Security Review Block
Security review: BLOCKED
- No cross-platform audit trail (have AWS and GCP too)
- Policy enforcement varies by Azure service
- Cost attribution at subscription level, not agent level
- Custom governance rules limited
The Copilot Studio agents work perfectly. Multi-cloud governance doesn't fit.
5. The Third-Party Model Question
The team wants to use Claude alongside GPT-4 for different use cases. Copilot Studio is Azure OpenAI-centric. Adding Anthropic requires external orchestration.
How AxonFlow Plugs In
AxonFlow doesn't replace Copilot Studio. It sits underneath it—providing the governance layer that works across clouds and platforms:
┌─────────────────┐
│ Power Apps │
└────────┬────────┘
│
v
┌─────────────────┐
│ Copilot Studio │ <-- Agents, Flows, Microsoft 365
└────────┬────────┘
│
v
┌─────────────────────────────────┐
│ AxonFlow │
│ ┌───────────┐ ┌────────────┐ │
│ │ Policy │ │ Audit │ │
│ │ Enforce │ │ Trail │ │
│ └───────────┘ └────────────┘ │
│ ┌───────────┐ ┌────────────┐ │
│ │ PII │ │ Cost │ │
│ │ Detection│ │ Control │ │
│ └───────────┘ └────────────┘ │
└────────────────┬────────────────┘
│
v
┌─────────────────┐
│ Azure OpenAI │
└─────────────────┘
What this gives you:
- Unified audit trail across Azure, AWS, GCP
- Custom policy rules beyond Azure defaults
- PII detection with custom patterns
- Cost tracking per agent, per department
- Multi-model support (add Claude, Gemini, etc.)
What stays the same:
- Your Copilot Studio agents don't change
- Power Automate flows work as before
- Microsoft 365 integration unchanged
Setup Steps
- Deploy AxonFlow -- Follow the Getting Started guide to run AxonFlow (Agent on port 8080, Orchestrator on port 8081)
- Create a Custom Connector -- In Power Platform, create a custom connector pointing to your AxonFlow instance
- Configure Policies -- Create policies via the Orchestrator API for your Copilot Studio agents
- Build the Power Automate Flow -- Wire the connector into your agent's flow (see below)
- Test and Monitor -- Verify audit logs capture agent interactions
Power Automate Integration
AxonFlow integrates with Copilot Studio via Power Automate custom connectors. This allows you to add policy checks and audit logging to any Copilot Studio agent without modifying the agent itself.
Custom Connector Setup:
- Go to Power Automate > Custom Connectors > New custom connector
- Set the host to your AxonFlow instance (e.g.,
your-axonflow.example.com) - Add two actions:
- PreCheck --
POST /api/policy/pre-check(policy evaluation) - Audit --
POST /api/audit(log the LLM response)
- PreCheck --
- Configure authentication (API key or Basic auth)
Integration Pattern
Create a Power Automate flow that wraps Azure OpenAI calls with AxonFlow:
Flow Structure:
1. HTTP Trigger (receive agent request)
2. HTTP Action (AxonFlow pre-check)
3. Condition (check approval)
4. If approved: HTTP Action (Azure OpenAI)
5. HTTP Action (AxonFlow audit)
6. Response
Pre-Check Action:
{
"method": "POST",
"uri": "https://your-axonflow.example.com/api/request",
"headers": {
"Content-Type": "application/json"
},
"body": {
"user_token": "@{triggerBody()?['user_token']}",
"client_id": "copilot-studio-@{triggerBody()?['agent_id']}",
"query": "@{triggerBody()?['user_message']}",
"context": {
"department": "@{outputs('GetUserProfile')?['department']}",
"agent_type": "copilot-studio"
},
"request_type": "chat"
}
}
Audit Action:
{
"method": "POST",
"uri": "https://your-axonflow.example.com/api/audit",
"body": {
"context_id": "@{body('PreCheck')?['context_id']}",
"response_summary": "@{substring(body('AzureOpenAI')?['choices'][0]?['message']?['content'], 0, 200)}",
"provider": "azure-openai",
"model": "gpt-4",
"token_usage": {
"prompt_tokens": "@{body('AzureOpenAI')?['usage']?['prompt_tokens']}",
"completion_tokens": "@{body('AzureOpenAI')?['usage']?['completion_tokens']}"
}
}
}
Example Flow
A complete governed Copilot Studio conversation flow:
User sends message in Teams
│
v
Copilot Studio receives message
│
v
Power Automate triggered
│
├──> AxonFlow Pre-Check (POST /api/policy/pre-check)
│ │
│ ┌────┴────┐
│ │Approved?│
│ └────┬────┘
│ / \
│ Yes / \ No
│ v v
│ Azure Return "Request
│ OpenAI blocked by policy"
│ │
│ v
│ AxonFlow Audit (POST /api/audit)
│ │
v v
Copilot Studio returns response to user
More Examples
| Pattern | Language | Link |
|---|---|---|
| TypeScript Backend Service | TypeScript | copilot-studio |
| Go Multi-Agent Governance | Go | copilot-studio/go |
| Department Policy Routing | Power Automate | copilot-studio/power-automate |
