Copilot Studio

Implementation Guide

Workshop date: YYYY-MM-

V1.4
Success by Design

Success by Design is Microsoft’s framework for Power

Platform implementations

The framework is designed around 3 principles:

Early Discovery
Proactive Guidance
Predictable Success

Success by Design brings the learnings and experiences

from thousands of customer deployments to make your
journey to the cloud smoother, faster and successful.
Typical Success by Design engagement lifecycle

Initiate Implement Prepare Operate

Get ready to start Design Build Deploy Live

Kick-off Go-Live

Regular touchpoints

Success story
Go-live publishing
Implementation
readiness checks
Review Submit your story here:
aka.ms/ShareAIStory

• Deep-dive architecture discussions

• Roadblock identification & mitigation
• Preview discussions & participation
Implementation Guide
Agenda
The objective is to understand the various aspects of the project
and provide recommendations, guidance, best practices, and
Project overview highlight any risks or gaps in the plan.
It is also an opportunity to discuss product roadmap and release
Architecture overview alignment.
Language
Attendees: key stakeholders from the customer
AI capabilities
and partner: project leads, solution architects,
Integrations functional and technical leads.
Requirements: filling the implementation review
Channels and hand off
document, at least partially. If needed, the content
Security, monitoring & governance can be reviewed and discussed in multiple
sessions throughout the implementation.
Application lifecycle management
Out of scope: defining a solution architecture
Analytics & KPIs based on the review, providing product training,
or performing code reviews.
Fit-gap & top requests
Dynamics 365 Omnichannel (optional)
Instructions for customers and partners
How to fill this document:
Complete each slide providing the required information
Post-it notes should be removed: their purpose is only to provide example answers.
Skip and hide slides that are not applicable to your project.
Add more slides to capture the required information if needed.
Do not hesitate to paste your own slides and existing content.
Reach out if you have questions on the format or content.
Send the completed deck before the review workshops.
Store the document in a shared SharePoint location if possible.
Feedback on this guide? Share it here
Project Overview  Business overview
 Project overview & copilot purpose
 Stakeholders
 Project planning
 Target KPIs
 Assumption & concerns
Why copilot?
Copilots are the new chatbots

Throughout this document, we refer to copilots instead of bots or chatbots.

This reflects the new branding of Power Virtual Agents into Copilot Studio.

Microsoft Copilot Studio is an end-to-end conversational AI platform that empowers you to

create and customize copilots using natural language or a graphical interface. With Copilot
Studio, you can easily design, test, and publish copilots that suit your specific needs for internal
or external scenarios across your industry, department, or role.

With more immersive UX and next-generation AI capabilities, copilots are the new chatbots.

Watch: Understanding Copilots at Microsoft (video)

 Why do we ask these questions?
Business overview • Knowing more about your organization and
business unit helps us better understand your
use cases.
Provide an overview of your organization with a focus on your business unit • Depending on your industry, we may have
specific guidance or share similar
implementation patterns.

Information we’re looking for:

• Overview of your organization.
Example answer (you can delete this) • Feel free to include logos and key metrics
(number of employees, revenue, etc.).
Contoso Corporation is a fictional but representative • If the project applies to a specific subsidiary,
global manufacturing conglomerate with its business unit, department or team, please
headquarters in Paris. also describe it here.

2022 key figures:

• 40k employees
• 16 countries
• $20B revenue in 2022

The Global Modern Workplace department is a team of 100 reporting to

the CDO and is responsible for the modernization of workforce tools
and processes across the company. One of the key principles of the
modernization strategy is to use low code
solutions and AI to empower employees and help them achieve more
and be more productive.
 Why do we ask these questions?
Project overview & copilot purpose • Understanding the project and what problem
your copilot is trying to solve is key to make
relevant recommendations or share similar
Provide an overview of the project and the business problems the copilot is trying to solve implementation patterns.
• Knowing who your end-users are will also
be useful to understand the copilot
deployment channels requirements.

Information we’re looking for:

Example answer (you can delete this) • What are the current business challenges that
this project will help address?
Enterprise information is disseminated across the organization and • What is the purpose and main features of the
maintained in silos that different teams are responsible for. An internal copilot?
employee survey revealed a high dissatisfaction about the time spent to • Who are the end-users of the copilot?
find answers internally. • Is this a migration project?
The Employee Copilot is planned to be available to all 40k Contoso
Corporation employees in Microsoft Teams as an app and in the global
internal portal as a chatbot.
The copilot is expected to leverage AI and existing knowledge sources
to answer employee questions on HR, IT, Sales and Finance topics.
Answers must be grounded and sourced in enterprise data locations
(SharePoint, ServiceNow, Dynamics 365, SAP).
Employees can also use the copilot to perform common actions such as
unlocking an account or booking meeting rooms.
 Why do we ask these questions?
Key stakeholders • This helps us know who the key
stakeholders are for the projects.
Customer, Partner and Microsoft teams • The Microsoft team can also be described
below.

Customer team Microsoft Team

Role Name Email Title Account Executive
Business Sponsor [Jane Doe] [[email protected]] [CIO] [John Doe [email protected]]

Project Lead Account Technology Strategist

[John Doe [email protected]]
Product Owner
Customer Success Account Manager
Technical Lead [John Doe [email protected]]
Solution Architect Sales Specialist
Conversation Designer [John Doe [email protected]]
Tenant Admin Technical Specialist
[John Doe [email protected]]
Cloud Solution Architect
Partner team (if applicable) [John Doe [email protected]]
Engineering Sponsor
Role Name Email Title [John Doe [email protected]]
Project Manager [John Smith] [[email protected]] [Program Lead] Power CAT Program Manager
Architect [John Doe [email protected]]
Developer FastTrack Solution Architect
[John Doe [email protected]]
Functional Consultant
 Why do we ask these questions?
Planning • Understanding the project key milestones
and planned go-live dates will help setup
meetings accordingly.
What is the project timeline, from start to go-live, and the major milestones?
Information we’re looking for:
• Please provide your project timeline, with
target dates for major milestones.
• Feel free to paste your current project
planning.
Example answer (you can delete this)
Kick off with business, technical and partner stakeholders on 8/1.
Phased rollout of the copilot to 1,000 users in a 2-week pilot before
global deployment to all 40k employees.
 Why do we ask these questions?
Target KPIs • To make relevant recommendations, we need
to understand what success means for your
copilots and project.
What are the success metrics for the project, and what are their targets?
Information we’re looking for:
• How is the copilot expected to help your
end-users and lower the support cost?
• How is end-user satisfaction expected to
increase with the copilot?
Example answer (you can delete this) • Is there a specific return on investment
you’re expecting from this project?
60% deflection rate: end-user conversations leading to a • Are there other metrics you’re looking to
resolution without any human intervention (today 20%). track?
4.5+ CSAT score: high satisfaction from end-users (today 3.0).
20,000 conversations / month: employees are expected on average
to use the copilot once every two months
(today 5,000).
$1m. support savings/year: cost of ticket handling and human
support avoided through automation.
Same-day updates and deployments: business subject matter
experts can autonomously update, test and deploy the copilot.
 Why do we ask these questions?
Assumptions & concerns • Understanding your assumptions and
concerns to help you either validate or
address them early in the project.
About the capabilities of your copilot:

What are your assumptions?

Example answer (you can delete this)
• Out-of-the-box deployment capabilities across all channels,
including WhatsApp, Slack, and SharePoint intranet pages.
• Generative AI is expected to fully remove the need to maintain
knowledge within the copilot itself.
• In the era of large language models (LLMs), state of the art intent
recognition and entity extraction.

What are your concerns?

Example answer (you can delete this)
• Limited control of the answers generated by a large language
model (LLM).
• Internal employee pushback about copilots replacing or reducing
customer service teams.
• Some IT teams would prefer to host the conversational AI
software and LLMs on internal servers.
Architecture  Solution architecture

Overview  Conversation volumes

 Performance
 Identified technical challenges
 Why do we share this example?
Copilot Studio Overview • Overview of the native capabilities of
Copilot Studio to help you assess the
features you’re planning to use in the
Product capabilities project.

Post to multiple IVR/ Extend Copilot for

channels Telephony Microsoft 365

World Class UX Declarative Rich Response Intuitive Ease of use Copilot Assistance

Logic + Automation Power Fx Generative Answers + Actions Power Automate Bot Framework skills

Bring your own model

Next-Gen AI Prebuilt LLM Generative AI Proactive suggestions (Azure CLU)

Connected Azure AI
Microsoft Teams Dynamics 365 1000+ Connectors
experience Bot Service

Copilot Lifecycle Test pane Collaboration Solution management ALM Automation

Security +
Trusted identity Full visibility Advanced RBAC Granular DLP control
Governance

Microsoft’s end-to-end copilot building platform

Copilot Studio architecture
Azure Bot Framework Skill Azure OpenAI Dynamics 365 & Data Loss
Microsoft Entra ID Prevention Policies
Bot Service Bot Framework Skill Azure AI Search other contact centers

Environment
Channels

Azure Conversational
Language
Understanding (CLU) Generative Answers, SaaS
(optional) Actions, and Builder

Entity Custom Escalate

Question
Cloud Flow
Entity Custom answering
Custom Topic

Connectors & HTTP Requests

Entity Entity Cloud Flow
Custom Topic
Entity Entity Cloud Flow

Custom Topic
Entity Entity AI Builder

Plugin Action
Dynamic chaining:
LLM-based multi-intents
recognition (optional) System Topic

+ many more Analytics

1000+ Prebuilt
Data Connectors
Solution

RBAC Microsoft Dataverse ALM

Copilots and Conversational AI
Biz Apps & Power Copilots
Microsoft 365 Custom Copilots
Conversational experiences for Other Microsoft
Conversational experiences Custom copilots and bots
Dynamics 365 and Power Platform
for Microsoft 365
products
Copilots for enterprises and third parties

Microsoft Security
Power Platform

Copilot
Microsoft 365

GitHub…Copilot
Sales Copilot
Copilot for

Copilot for

Enterprise
Copilots
Copilot

Custom
Service

Copilot
Windows
Microsoft Copilot Studio
Extend and customize 1st party copilots | Build custom Copilots

Bot Power
Bot Service Azure AI Azure AI
Framework Platform AI Builder
Channels Studio Search
/ SDK Connectors
 Why do we ask these questions?
Solution architecture • To have the big picture of your copilot
project and its integration in a broader
technical and functional landscape.
Provide an architecture diagram with the overview of the technical implementation
Information we’re looking for:
• Architecture diagrams or blueprints
• Functional and technical overview of the
copilot and its integration in the broader
Example answer (you can delete this) technical landscape (other Power Platform or
Azure services, internal APIs, etc.)

Channels

Intranet
Copilot Studio
HR Copilot
• 41k employees
• Handles HR,
Finance, and Generative
answers
IT questions.
Teams

Power Automate

SharePoint
Websites

Multiple internal and external data sources

 Why do we ask these questions?
Conversation volumes • Understanding target volumes helps validate
the target architecture and scale.
• When integrating with external systems, for
What are the expected volumes of chat messages or conversations? example through Power Automate or HTTP
requests, it’s important to validate that every
part can handle the load.
• Target volumes also help validate the
Monthly target volume of
licensing aspects of the copilot and the
messages or conversations and Example answer (you can delete this) potential impact on Dataverse storage for the
growth conversation transcripts.
Initially 200,000 chat sessions per month (with an average of 8
messages per session) when deploying to the first channel and
growing to 400,000 when deployed over all channels. Useful resources:
• Rate limits for copilots
• Pricing plans
Expected seasonality impact • Microsoft Power Platform Licensing Guide

Example answer (you can delete this)

800,000 monthly chat sessions in December and January.

Expected maximum peak of

concurrent conversations Example answer (you can delete this)
Maximum of 5,000 concurrent chats when sales season begins.
 Why do we ask these questions?
Performance • While there are no guaranteed service level
agreements (SLAs) for Copilot Studio
response times – mainly because they
Detail the expected copilot response times depend on complexity, integration patterns,
etc. – it’s still important to understand
performance expectations for the copilot
response times to make sure the copilot
First chat load time and first design optimizes for performance.
message expectation Example answer (you can delete this)
5 seconds for the web chat control to load and for the initial messages Useful resources:
to be displayed to the user. • Capture telemetry with Application Insights

Expected maximum latency

for the copilot to answer user Example answer (you can delete this)
queries
3 seconds after a user provides an input.

Approach for handling long-

running actions (e.g., waiting Example answer (you can delete this)
for an external system to
return data) A specific message is displayed to the user asking them to wait while
the cloud flow runs and returns data. Typing indicator shows that the
copilot is doing something.
 Why do we ask these questions?
Identified technical challenges • To understand the challenges that have
already been identified in the architecture
that could get in the way of the copilot
Please share the list of technical challenges or roadblocks you have already identified success and for which it’s important to
define mitigation plans.

Challenge #1
Example answer (you can delete this)
Connecting to on-premises resources that are not exposed to the
public internet.

Challenge #2
Example answer (you can delete this)
Deploying to a WhatsApp channel.

Challenge #3
Example answer (you can delete this)
Allowing copilot end-users to download the conversation transcript at
the end of the chat session.
Language  Natural Language Understanding
 Intent recognition and slot filling
 Azure CLU integration
 Topic structure
 Handling unrecognized intents
 Localization & languages
 Miscellaneous
 Why do we share this?
Natural Language Understanding • NLU (Natural Language Understanding) is a
subfield of NLP (Natural Language
Processing) that specializes in the machine's
Choosing the right option for intent recognition and entity extraction ability to comprehend and make sense of
human language in a valuable way, focusing
on understanding context, sentiment, and
intent.
Standard NLU model Custom Azure CLU model Dynamic chaining • In Copilot Studio, topic or action triggering
can be done in different ways: customers can
 Supports additional languages, with  Uses a GPT large language model. choose to override the standard NLU model
native models. with Azure CLU (Conversational Language
 Can handle multiple intents and
 Default, out-of-the-box, model that Understanding) – the modern equivalent of
 Allows to further customize the chain topics and/or plugins.
comes pre-trained, with many LUIS – or can be fully replaced with
intent triggering model for better  Automatically generate questions for
predefined entity types. dynamic chaining, a GPT LLM-based one.
intent recognition or to address missing inputs and answers complex
 Configuration is done by adding specific industry requirements. • Azure CLU is a feature of Azure AI
entities and questions from the
trigger phrases and custom entities Language.
 Allows for complex entity extraction conversation context.
(either closed lists with values and
(e.g., of the same type).  Configuration is done by simply
synonyms, or regular expressions).
 Entity extraction can also leverage describing topics, plugin actions, and
Copilot Studio standard NLU. inputs/outputs. Useful resources:
• Trigger phrases best practices
• Slot filling best practices
 Single intent recognition per query.
• Copilot Studio supported languages
 Single intent recognition per query.  Configuration is done in Azure and
• Azure CLU supported languages
 Cannot be extended. involves additional costs.  As it’s a generative AI feature, the
licensing burn rate of messages is • Azure CLU limits
 Slot-filling multiple entities of the  Has its own service limits that need
to be evaluated. higher than in regular topic • Azure CLU pricing
same type in the same query requires
disambiguation for each (e.g., from triggering. • How to use CLU as your NLU (video)
 Azure CLU intents and Copilot
and to cities) Studio topics must be carefully kept • Dynamic chaining (preview)
in sync.
 Why do we ask these questions?
Intent recognition and slot filling Trigger phrases:
• Trigger phrases train your copilot's natural
language understanding (NLU) model.
Leveraging native capabilities for better intent recognition and efficient conversations • It’s important to appropriately configure
them to make sure that the right topic triggers
for the user utterances.
How are you planning to • When a copilot is uncertain what topic to
trigger, it can suggest up to 3 potential topic
define the topics trigger Example answer (you can delete this) candidates (Multiple Topics Matched topic)
phrases? or go to Fallback if no topic is identified.
From an existing FAQ base and from agent chat transcripts.
Entity extraction and slot filling:
• Slot filling relates to the use of entities that
let a copilot acquire and use information
more easily by identifying and extracting
them from the user query.
What is your expected use of • For example, when a user asks:
entities (prebuilt, closed list, Example answer (you can delete this) “I’d like to order 3 large blue t-shirts”,
regular expressions). the Natural Language Understanding (NLU)
Regular expressions to identify an order ID, prebuilt entity for email, can immediately understand:
and closed list for operation type and synonyms for each.  Topic is Order.
 Quantity is 3.
 Color is Blue.
 Size is Large.
 Item Type is T-Shirt.
Do you plan to test topic And the related questions be skipped.
triggering with test
Example answer (you can delete this)
utterances? Useful resources:
Yes, bulk testing to make sure the relevant topics are triggered based
on a set of test user utterances. • Trigger phrases best practices
• Slot filling best practices
 Why do we ask these questions?
Azure CLU integration • You can integrate a Conversational
Language Understanding (CLU) model with
a Copilot Studio copilot.
Overriding the standard NLU model with Azure Conversational Language Understanding • Azure CLU intents must be mapped with
Copilot Studio topics.
• Copilot Studio prebuilt entities can be used
in conjunctions with Azure CLU entities.
Do you plan to use Azure
• Using Azure CLU requires separate Azure
CLU? If yes, why? Example answer (you can delete this) resources and involves separate costs.
What benefits are you
Using Azure CLU to support additional languages, industry specific
expecting? dictionaries and complex entity extraction. Useful resources:
• Azure CLU integration overview
• Azure CLU best practices
• Azure CLU limits
Are you also doing custom • Azure CLU pricing
entity extractions with Azure Example answer (you can delete this)
CLU? Why?
To do silent or lucky slot filling without having to ask questions and
to handle unsupported scenarios in Copilot Studio such as source and
destination city in the same phrase.

How are you making sure the

related Azure CLU service
Example answer (you can delete this)
quotas and limits match the
use of the copilot? Azure CLU is setup using the S tier. Less than 1,000 calls requiring
intent recognition are expected per minute.
 Why do we share this example?
Topic structure example for disambiguation This example showcases the use of a
disambiguation topic. It’s very useful when it’s
hard or impossible to be certain of triggering the
Mixing topics triggered by trigger phrases and redirected topics right topic if the user doesn’t provide enough
details in their query. This also prevents
triggering a multiple topics matched topic that
Natural Language Understanding “Trigger Phrases” Topics Reusable, Bite-Size, Topics sometime confuse users.
Trigger phrases Triggered from trigger phrases or redirects Explicitly called by topics
• In this example, trigger phrases are
associated to two main topics, that then
Topic: Card break down their logic into multiple sub-
Topic: Debit Card
topics that are called with redirect actions.
Question: Debit/Credit • Some topics can be called by multiple other
…
• Issue with my card topics: that's typically the case with the End
Question: Block/Unblock
• Block card Of Conversation topic.
• I need to block my credit card • Thanks to slot filling and entity extraction, if
Condition
• Need help blocking debit card Topic: Credit Card
• Unblock card a user says "I need to unblock my credit
• Need to unblock credit card card", the Card topic will get triggered and
• How to unblock my debit card … both Debit/Credit and Block/Unblock
Debit Credit
questions will be skipped, as the Card Type
and Operation Type will be deduced from
End of Conversation
the trigger phrase. That way, the appropriate
Credit Card child topic will automatically be
Topic: End of Conversation
called, without the user providing any
additional input or even noticing they went
…
through the disambiguation topic.
Topic: Location

• Find my nearest bank Question: Location Useful resources:

• Check branch location
• Find a bank Location Topic: Location Check • Topics best practices
• Find me your nearest location
• Banks near me Message
…

End of Conversation
 Why do we ask these questions?
Topic structure • Topics are discrete conversation paths that,
when used together, allow for users to have a
conversation with a copilot that feels natural
Creating and designing efficient topics and flows appropriately.
• While there's no one size fits all, given how
topics can be triggered, it's a good practice to
distinguish between:
What is your approach to  Topics that will trigger based on user
designing topics? Example answer (you can delete this) utterances. These can almost be seen as
your entry points topics. If you have
A few custom topics for key scenarios with relevant trigger phrases trigger phrases that overlap multiple
and redirects, with a parent-child topic structure. Unrecognized topics, consider having a catch-all topic
intents will trigger generative answers and fallback. and then redirect to other topics after
clarifying questions. With entity
extraction and slot filling, clarifying
questions can be skipped if already
Do you plan to use answered.
disambiguation topics? Example answer (you can delete this)  Topics that will trigger when called
from a redirect action, activity or
Yes, for user account operations with clarifying questions on the event. These can be called by multiple
operation (e.g. create, unlock, suspend, etc.) and system (e.g. SAP, topics and can have input and output
ServiceNow, Microsoft, etc.) variables. They're ideally reusable, bite-
size, topics.
 A topic can also be both, triggered
through intent recognition or by an
How are you avoiding explicit redirect.
duplicating topic content  Conversational boosting and fallback:
Example answer (you can delete this) topics that trigger when no matching
multiple times?
Whenever a dialog path needs to be repeated, creating reusable topics topic is triggered based on a user query.
that can be called by a parent topic before resuming the parent topic
conversation logic once the child topic is complete. Useful resources:
• Topics best practices
 Why do we ask these questions?
Handling unrecognized intents • The Fallback topic gets triggered when
Copilot Studio doesn't understand a user
utterance and doesn’t have sufficient
Answering for unplanned user queries confidence to trigger any of the existing
topics.
• If Generative Answers are enabled on the
copilot, the Conversational Boosting topic
How are you planning to also triggers on the unknown intent event
manage unrecognized intents? Example answer (you can delete this) and triggers before the Fallback one.
• There are many ways to handle
First by going to the Conversational Boosting topic to look for the
unrecognized intents: using Generative
answer in corporate resources (SharePoint sites and public websites) Answers to look for the answer on various
and if no result to a fallback ChatGPT experience. data sources and/or using the Fallback topic
to integrate with other systems. For example,
question answering in Azure Cognitive
Service for Language allows you to offload
Are you integrating with an large volumes of question-and-answer pairs.
external system as part of Example answer (you can delete this) It also has a chitchat model to handle
fallback? If yes, how? random questions to the copilot.
The Azure OpenAI GPT-4 model is called through an HTTP request. • While it’s important to leverage the
It uses a custom system prompt to offer a compliant ChatGPT-like Conversational Boosting and Fallback
experience. capabilities, it’s also important to make sure
that the core scenarios and topics of your
copilots are property handled through
custom topics and their outcomes defined
What is the expected % of (resolved, etc.).
conversations hitting fallback?
Example answer (you can delete this)
25% initially, and these are regularly reviewed to enrich existing
Useful resources:
topics or create new ones. • Generative Answers
• Using the Fallback topic
 Why do we ask these questions?
Localization & languages • There are multiple ways to address copilot
localizations. Understanding your
requirements will help make better
What languages should your copilot speak? architecture recommendations.
• The main approaches are:
 One copilot per language.
 One copilot for multiple languages, with
What languages and markets translations provided as part of the
should your copilot support? Example answer (you can delete this) copilot configuration. Translations need
to be updated each time the copilot is
Primarily US English (70% of end-users), Spanish (20%), French, updated or when new content is added.
Portuguese (Brazilian) and Dutch (Belgium Flemish).  One copilot for multiple languages, with
translations provided real-time, at
runtime, through a relay copilot sitting
between the user and the copilot. This
allows deploying more languages
Do you plan for a single rapidly, but it also adds a dependency on
copilot multi-languages Example answer (you can delete this) a relay copilot and a real-time translation
copilot, or for one copilot per layer (e.g., Azure Service Copilot and
language? A single copilot enabled for multiple languages, with condition logic Azure Cognitive Services Translator).
based on the end-user language so that some topics are only available
for specific regions. Useful resources:
• Supported languages
• Azure CLU integration
Should the translations be set • Real-time multilingual copilot sample
during configuration or real-
Example answer (you can delete this) • Configure multilingual chatbots
time (i.e., provided at • How to make multilingual copilots (video)
runtime)? Not yet, but this could be considered to deploy to more markets more
rapidly. • Make generative answers multilingual (video
)
 Why do we ask these questions?
Miscellaneous • Sessions can be configured to last for more
than the default 30-minute by using the
inactivity trigger.
Miscellaneous conversation design questions and requestions

Useful resources:
Do you have specific • Inactivity trigger
requirements on session Example answer (you can delete this) • Conversation Design Institute
timeout? (i.e., how long a
We need chat sessions to last up to 7 days on the Teams channel.
copilot session can last)

Do you have other

requirements or questions on Example answer (you can delete this)
conversation design?
No, the copilot business subject matter experts in the project all
trained and certified with Conversation Designer Certification from
the Conversation Design Institute.
AI capabilities  Generative AI is changing conversational AI
 Generative answers
 Generative actions and dynamic chaining
 Generative builder (copilot)
 Other AI requirements
 Why do we share this example?
Generative AI is changing conversational AI • Before generative AI, companies used to
create every topic their bots needed by hand,
and they could only create so many, perhaps
Before generative AI a few hundreds – and then they had a large
cliff of unsupported things a user couldn’t
talk about.
• These then would create user frustration with
the bot saying "sorry I didn't understand
you“, or large costs by having it just to dump
the user to a human agent.

Manually authored topics

Anticipate and build a manual topic for each
possible user question
BUSINESS CRITICALITY

Then keep these topics up to date as your

content changes

Missed opportunity

Time spent hand-building Conversations missed

topics or escalated

TOPICS BUILT
 Why do we share this example?
Generative AI is changing conversational AI • Now, with Generative AI, companies are
increasingly only building a few, business
critical topics where they want tight control
After generative AI over the dialog.
• And for everything else, they're just pointing
to knowledge sources and allowing the bots
to talk over those corpuses.
• That means vastly increased support
coverage for anything a user could ask, and
far less topics that need to be handled by
Manually authored topics
human agents.
Manually author business-critical topics • But it also means that maintaining topics is
quickly with Copilot Studio far less onerous - as the information changes,
the copilot answers change automatically.
• There are no dialogs to continually update
and keep relevant. So, this dramatically
BUSINESS CRITICALITY

reduces costs.

Expose your knowledge sources and APIs

and generative AI handles the rest
Custom- Vast coverage of the long tail, and as content changes,
built copilot answers change as well
topics
+ help
from
generative Topics handled by
builder Generative Answers and Actions

TOPICS BUILT
 Generative answers processes and considerations
Public •Up to 4 URLs, but the list can be dynamic.
1 Query rewriting • Websites must be Website •Max 2 subpages depth (/en/help/), no direct pages.
Optimizing the user question indexed by Bing.
for search Public data • Bing being a global •One configuration ID, but it can be set using a formula.
Bing
service, no regional •Azure costs covered by Microsoft
Last 10 turns are leveraged Custom
boundary is possible. •Up to 400 URLs, custom ranking options.
for contextualization Search
•Max 2 subpages depth (/en/help/), supports direct pages.

• Requires the user to be authenticated with Entra ID to make delegated calls to the Graph API.
2 Content retrieval
• Matching files (max 3 MB) are retrieved to get detailed snippets to summarize.
Querying each source
SharePoint
• Up to 4 SharePoint or OneDrive for Business sites (but the list can be dynamic).
Internal only
• Security trimming: returned results only include content the user has read access to.
Top 3 results per source • Users eligible to Microsoft 365 Semantic Index benefit from better results.

• Returns results from the linked Azure AI Search index (keyword, semantic, and vector search).
3 Summarization
Azure OpenAI • Not a passthrough to Azure OpenAI – generative answers summarization and validation apply.
Answer summarization from •
on your data Connection isn’t delegated: no security trimming, no authentication requirement for the user.
retrieved content • Can index content from public URLs/web addresses (useful if regional boundary is required).
Citation generation
• Files (max 3 MB) are stored in Dataverse file storage and indexed with Dataverse Search.
Answer personalization with Uploaded • Not possible to offer a URL to the source documents in the citations.
custom instructions
documents • Documents are uploaded at the copilot level. Gen Answers node will search across all uploaded
documents or none, when disabled at a node level.
Validation at each step
Moderation of harmful, malicious, • Requires a step to query the data source – using cloud flows, connectors, or HTTP requests.
uncompliant, or copyrighted answers • Results are passed as inputs to the generative answers to summarize an answer for the query.
Custom data • Input data needs to be in table format, with 3 properties: Content (typically snippets of relevant
Grounding validation and content) , ContentLocation (optional, typically a URL) and Title (optional).
hallucination removal
Generative AI security and compliance considerations
The large language models (LLM) Copilot Studio depends upon are the foundation models trained by OpenAI.
Generative answers uses GPT-3.5 Turbo, but as new models outperform previous ones, they can be updated.
Models are hosted on internal Azure OpenAI services, honoring the Microsoft Services Trust boundary.
Models are accessed and used following Microsoft Responsible AI principles and policies.
Custom instructions can be added to generative answers to influence format and filters.
Data storage and processing for Copilot Studio generative AI capabilities may result in data movement across
regional boundaries. When local data storage and processing aren’t available in the region, environment settings are
available to disable features requiring Azure OpenAI or Bing Search, preventing data movement.
Copilot Studio does not collect, nor provide any customer data, for use in the training of LLMs.
For operations purposes only, conversations are stored temporarily in a service-operated and secured store so that
authorized Microsoft employees via Secure Access Workstations (SAWs) with Just-In-Time (JIT) access requests may
respond to support requests. Access can be controlled through Customer Lockbox.
Generative AI capabilities log additional troubleshooting data, but only when the thumbs up or down reactions are
used by the copilot author in the Copilot Studio test pane.
Given the existing control layers and to avoid further logging of customer data, Azure OpenAI abuse monitoring is
disabled for Copilot Studio generative AI features.
 Why do we share this example?
New design patterns with generative AI • This shows how generated responses are
plugged into a dialog manager (Copilot
Studio) to ensure that you remain in control
New paradigm in topic responses of the user experience while allowing for
authored experiences that are key functions
of your copilot, scripted responses that are
key for managing the answers you want
Authored Topics scripted (such as marketing-controlled
responses) work in conjunction with
STAGE 1 Unified Copilot-assisted Authoring generated responses allowing the enterprise
Authoring Canvas to remain in full control of the experience.
• This allows for an end-to-end enterprise
conversational platform to build effective
FAQ / Scripted Responses and managed experiences that delight
customers, while reducing the overhead and
*…STAGE 2 cost of maintaining fully scripted
Copilot Studio Topics FAQ via Question
Answering experiences of the past.

Topic examples:
Generated Responses
• Authored Topics
…STAGE 3 “How many miles do I have in my account?”
Generative
Large Language Models
Answers • FAQ / Scripted Responses
“Why are all flights currently grounded?”
• Generated Responses
Escalation “What type of snacks are available on your
…STAGE 4 flights?”
Omnichannel Live Agent Hand-off • Escalation
“Can I talk to an agent?”

* Will only move to next stage(s) if necessary

 Why do we share this example?
Infusing generative AI into topics example • Generative answers unlock new use cases for
copilots where dialog paths no longer need
to be fully anticipated.
Finding the right place for generative AI in your new or existing copilots • By plugging generative answers into your
internal and external data sources, the
copilot can search and summarize answers
Pattern #1: for user queries.
Generative Answers
• It’s not an ‘either’ choice: you can configure
Placing Generative Answers
generative answers wherever you choose in
as the first level of unknown your topics, and the data sources can both be
intent logic before Fallback. dynamic, hard coded, or enriched with
If no answer: Fallback
context variables.
• It’s still a good idea to have generative
answers also configured in the
Conversational boosting topic that triggers
Pattern #2: Fallback before Fallback, to try to catch and answer
Enriching your existing user queries with broader data sources before
Fallback they get to Fallback.
Your current Fallback logic, e.g. • While planning for generative answers, it’s
Question Answering
important to plan for follow-up questions
(should they remain in context of the
Your 2nd layer if no results are previous answer or trigger a new topic?) and
turned: Generative Answers how you will measure, track, and validate
that the generated answers are accurate and
answer the user questions.
Pattern #3:
Topic 1 Topic 2 Topic 3 Topic 4 Topic 5
For simple, single-turn Useful resources:
question & answer topics, • Data sources: public websites,
group them into a single or Bing Custom Search, SharePoint/OneDrive,
multiple new topics with their New Topic A, merging previous topics trigger New Topic B with Generative
phrases and using Generative Answers Answers
Custom Data, uploaded documents,
past trigger phrases Azure OpenAI on your data.
 Why do we share this example?
Infusing generative AI into topics example • Generative answers unlock new use cases for
copilots where dialog paths no longer need
to be fully anticipated.
Mixing scripted dialog paths and generative answers from different data sources • By plugging generative answers into your
internal and external data sources, the
copilot can search and summarize answers
for user queries.
User Query Trigger Topic Topic Logic • It’s not an ‘either’ choice: you can configure
generative answers wherever you choose in
your topics, and the data sources can both be
Child Topic Power Automate logic dynamic, hard coded, or enriched with
context variables.

Disambiguation Topic
• It’s still a good idea to have generative
Child Topic Standard dialog answers also configured in the
Conversational boosting topic that triggers
Utterance Intent Recognition
before Fallback, to try to catch and answer
Child Topic Escalation user queries with broader data sources before
they get to Fallback.
If no matching Condition-based SharePoint sites • While planning for generative answers, it’s
topic trigger phrase Child Topic
Generative Answers important to plan for follow-up questions
(should they remain in context of the
ServiceNow Custom Data previous answer or trigger a new topic?) and
Service Desk KB
No Intent Recognized #1 Generative Answers how you will measure, track, and validate
that the generated answers are accurate and
Variable-augmented Public answer the user questions.
Customer FAQ
Website Generative Answers
If no matching
Conversational
Boosting content Azure OpenAI On Your Data Useful resources:
Conversational Boosting
Generative Answers
• Data sources: public websites,
Bing Custom Search, SharePoint/OneDrive,
No Intent Recognized #2 Fallback ChatGPT-like experience Custom Data, uploaded documents,
Azure OpenAI on your data.
 Why do we share this example?
Azure OpenAI reference architecture • Using your own Azure OpenAI service?
Consider reviewing the Azure OpenAI
Landing Zone.
Azure OpenAI Landing Zone reference architecture • Azure Landing Zones provide a solid
foundation for your cloud environment.
When deploying complex AI services such
as Azure OpenAI, using a Landing Zone
approach helps you manage your resources
in a structured, consistent manner, ensuring
governance, compliance, and security are
properly maintained.
• The Azure OpenAI Landing Zone is a
reference architecture that integrates a
variety of services to create a seamless
infrastructure for running OpenAI
workloads.

Useful resources:
• Azure OpenAI Landing Zone reference archi
tecture
 Why do we ask these questions?
Generative answers • By default, generative answers is available
in the ‘Conversational boosting’ system
topic that triggers just before ‘Fallback’,
Dynamically generate answers real-time based on content you choose when an intent isn’t recognized.
• Generative answers nodes can however be
used throughout your custom and system
topics, and the data sources be different and
What data sources are you even set dynamically.
using for generative answers? Example answer (you can delete this)
Do you use custom Yes, over public websites, internal SharePoint sites, and ServiceNow
instructions? knowledge bases. Useful resources:
Instructions to return friendly and brief answers (40 words max). • Generative answers
• Generative answers node
• Generative answers with Bing Custom Searc
Where, in your topic structure, h (video)
do you leverage generative • Generative answers with custom data – Servi
Example answer (you can delete this) ceNow (video)
answers? • Generative answers with uploaded document
Mostly in custom topics that will contain trigger phrases and entity
s (video)
questions that will direct the user towards the right data source.
• Customize responses with generative answer
Conversational boosting will use public FAQ websites. s (video)

Do you have more advanced

scenarios that require your
Example answer (you can delete this)
own large language models
(LLMs)? Yes, as a last resort and to handle chitchat and unrelated queries, the
copilot will be able to answer in a ChatGPT manner (e.g. help write
me a SQL query, etc.)
 Why do we ask these questions?
Generative actions and dynamic chaining • Generative actions enable copilots, with the
Azure OpenAI-powered conversation
engine, to select and chain together plugins,
Intelligently chain together plugins to complete tasks for your users without any
manual authoring required.
• Dynamic chaining allows to replace Copilot
Studio NLU (including Azure CLU) with
Do you plan to use plugin one based on a GPT large language model,
actions and if yes, how? Example answer (you can delete this) allowing to do multi-intent recognition and
advanced entity extraction.
• Yes, to perform actions in various systems and letting AI ask for
any missing required property for the configured APIs.
Useful resources:
• Copilot Studio copilot building experience w
ith generative AI
• How to use plugin actions (video)

Do you plan to replace the

standard NLU with dynamic
chaining? Example answer (you can delete this)
• Not initially, but dynamic chaining will be evaluated for its
advanced multi-intent detection (for topics and plugin actions)
and multi-entity extraction (even for entities of the same type)
compared to traditional natural language understanding
capabilities.
 Why do we ask these questions?
Generative builder (copilot) • In addition to the traditional method for
creating and editing topics, Copilot Studio
lets you create and iterate on topics by
Intelligent topic authoring support describing what you want and having AI
build it for you, significantly decreasing the
time it takes to create and update copilot
topics.
Do you plan to use the • While AI helps get faster to results, it’s
generative builder to design Example answer (you can delete this) important to check that the generated content
new topics or update existing works as intended and meets expectations.
Yes, this helps business users easily get started without an intimidate
ones? blank topic canvas.
Useful resources:
Please describe how Copilot is also used to update existing messages and questions to
• Create (and edit) with copilot
suggest variations, making the copilot more friendly and natural.
• Topic authoring with copilot (video)
Copilot also helps create adaptive cards that summarize the
information gathered in multiple questions and variables.
 Why do we ask these questions?
Other AI requirements • Understand if other existing or custom AI
capabilities are to be leveraged in the
project.
Detail other expected AI capabilities for your project
Useful resources:
• AI features for Teams and Classic bots
Do you have other AI
requirements for your copilot Example answer (you can delete this)
project?
Yes, AI capabilities are expected to cover these scenarios:
• Sentiment analysis to escalate the conversation to a live agent if
the tone is too negative.
• Transcripts analysis to suggest new topics or new trigger phrases
for existing topics.
• Topic overlap detection to warn of risks of ambiguity between
existing topics.
• AI Builder integration for image recognition and text extraction
from uploaded pictures.
Integrations  Integrations
 Power Automate and HTTP/Connectors
 Handling cloud flow timeouts examples
 Why do we share this?
Integration patterns and considerations • Copilot Studio integration patterns are not
exclusive and can be combined.
• Integration can only be as fast as the
Choosing the right integration pattern for each requirement endpoints you connect to. In a
conversational experience, queries should
always be optimized.
Power Automate HTTP requests Bot Framework
Cloud flows & Connectors Skills • If Power Automate or Copilot Studio don’t
run your logic fast enough, or if logic is
better handled in code, consider moving it to
 No-code / low-code.
Dataverse custom APIs or Dataverse low-
 Synchronous. code plug-ins – both have 2-min timeout
 No-code / low-code.
 Can be monitored as part of Copilot  Synchronous execution. limit – or Azure functions. These can be
 Clear separation of integration and
Studio App Insights integration. invoked by connectors or HTTP.
conversational logic.  Support for private endpoints.
 Can leverage variables, including • Alternatively, in specific scenarios,
 Can be monitored separately.  Existing Bot Framework investments
environment variables and secrets. customers may want to do the data
 Existing cloud flows can be updated can be reused. integration in a middle layer, effectively
 Variables, conditions, parameters, etc.
to integrate with Copilot Studio. can use Power Fx formulas. modifying messages as they are relayed
 Parsing and error handling support. (e.g., for data enrichment, data masking
before they get to Copilot Studio, etc.).
• Use of premium connectors is covered as
part of Copilot Studio licensing.
 Asynchronous execution can cause
latency and slowness (both to invoke
or to run complex flows).  Mixing conversational logic and
 Pro-code (e.g., C#) Useful resources:
 If scale/performance are a concern, integration logic, but integration  Runs in the Azure AI Bot Service.
• Call a cloud flow as an action
the higher-tier “Power Automate topics can be isolated, as they can be  Additional costs need to be covered
configured for inputs and outputs.
• Perform HTTP requests
Process” plan can be evaluated. by an Azure subscription.
 Need to return results within 100s.
• Use connectors (preview)
 “Power Automate Process” required  ALM differs from Power Platform.
for service principal ownership. • Use plugin actions (preview)
 Need to return results within 100s. • Use Bot Framework skills
• Dataverse custom APIs
• Dataverse low-code plug-ins (preview)
• Azure functions
 Why do we ask these questions?
Integrations • Understanding the various systems that the
copilot, or its underlying environment, will
connect to, the purpose of these integrations,
Overview of all integrations with other systems and expected volumes and the expected volumes.

Connected Expected Expected

Useful resources:
Called by Called with Details / purpose
system daily volume peak • Use Power Automate cloud flows
• Perform HTTP requests
Example answer (you can delete this) • Use plugin actions
• Use Bot Framework skills
ServiceNow Service Desk Cloud flow 5,000 1,000 The user query is used as an input to run a
KB topic query on ServiceNow knowledge base using
the standard connector. A JSON of results is
returned to Copilot Studio for generative
actions custom data.

Contoso website Conversational Generative 1,000 100 https://contoso.com/en-us/FAQ with /en-us/

Boosting topic answers being dynamically set based on the user
locale variable.

Internal Conversation Cloud flow 15,000 5,000 Use of the on-premises data gateway to
Directory API Start topic connect to an internal API.

Weather API Weather topic HTTP 500 100 GET request to a REST-based API
Teams Meeting Plugin 1,500 300 Create a Teams meeting based on
Booking topic conversation inputs.

Bot Framework Travel topic Skills 2,000 400 Leveraging existing Bot Framework Skill to
Skill book travels.

SAP Every 24h Cloud flow 20,000 - Daily batch synchronization of the product
catalogue from SAP to Dataverse.
 Why do we ask these questions?
Power Automate and HTTP/Connectors • Power Automate offers great integration
capabilities, with more 1,000 native
connectors or ways to create your own
Leveraging the 1,000+ connectors to extend your copilot custom connectors to your APIs.
• For a good end-user experience, cloud flows
triggered from Copilot Studio must execute
quickly so that the user doesn’t have to wait
How are you optimizing your too long for the copilot to answer.
cloud flows and Example answer (you can delete this) • Cloud flows triggered from Copilot Studio
HTTP/Connector requests to have a maximum of 100 seconds to return to
When connecting to the target system, the query filters the results and
make sure they run as fast as only returns the columns that will be used.
Copilot Studio before they time out.
possible? • You can make HTTP requests or use
connectors directly from Copilot Studio, to
avoid invoking cloud flows and optimize
performance.
Do you call cloud flows that
don’t have any connector as Example answer (you can delete this) Useful resources:
part of their actions? • Call a flow as an action
If yes, why? No.
• Perform HTTP requests
• Power Automate Standards by MVP Matthe
w Devaney

How do you handle cloud

flow timeouts and limits (e.g.,
Example answer (you can delete this)
throttling)?
• Parallel branch in cloud flows to return a result before 100s.
• Each connector limit is assessed.
• Power Platform requests are accounted for.
 Why do we share this example?
Handling cloud flow timeouts example #1 • By adding a parallel branch that returns a
result to Copilot Studio within 100s, you can
more gracefully handle the timeout on the
Return results to the copilot before the 100 th second copilot side.

Useful resources:
• FlowActionTimedOut error code
• MVP Matt Jimison's
example of handling cloud flow timeouts in
Copilot Studio
 Why do we share this example?
Handling cloud flow timeouts example #2 • Cloud flows can continue to run after
outputs are returned to Copilot Studio.
• Place long running logic after the “Return
Return results to the copilot and let long-running logic continue value(s) to Copilot Studio” step.
• When deploying to Microsoft Teams, the
‘send proactive message’ message feature
could be used to have the bot send the
message to the user, once it is ready on the
Power Automate side.

Useful resources:
• FlowActionTimedOut error code
• Notify bot users in Teams with proactive me
ssages
Channels and  Deployed channels

hand off  Chat clients

 Hand off management
 Why do we ask these questions?
Deployed channels • Copilot Studio deploys to multiple channels
natively (Teams, websites, Facebook, Power
Pages, Power Apps canvas apps, etc.).
Overview of all integrations with other systems and expected volumes • For advanced scenarios such as custom apps
or web clients, customers can integrate with
the copilot’s Direct Line API.
Channel Expected Volume Details
• The Direct Line API supports WebSocket,
Example answer (you can delete this) and efficient streaming method to push
messages to clients, whereas the HTTP GET
Teams 5,000 / month Deployed as a Teams app to all employees. interface enables clients to explicitly request
Direct Line – Intranet website 10,000 / month Deployed using the standard custom website integration. messages.
• For additional channels, customers would
Direct Line – WhatsApp 2,000 / month Azure relay copilot + channel adapter connecting to Infobip
typically setup a relay copilot to use Azure
Direct Line – Voice 5,000 / month Voice channel through 3rd-party AudioCodes Copilot Services channels and potentially
use community channel adapters.

Useful resources:
• Publish a copilot to various channels
• Key concepts in the Bot Framework Direct L
ine API 3.0
• Add a Copilot Studio bot to Azure Copilot S
ervice channels
• Available Azure Copilot Service channels
• Channels and Community / Botkit Adapters
 Why do we ask these questions?
Deployed clients • There are many available options to deploy a
copilot interface to users.
• Depending on the channel and client, not all
List the different clients the for the copilot Markdown and adaptive card formats may
be supported.

Client Customization Message formatting

Client Details
requirements requirements Useful resources:
• Configure a copilot for a live website
Example answer (you can delete this)
• Customize the web chat canvas (simple)
Default Web Chat canvas V1 MVP Simple CSS and JavaScript Simple markdown
• Customize and host your own chat canvas (a
styling options 1.5 adaptive cards dvanced
Bot Framework Web Chat V2 for advanced styling and Logo & brand identity Simple markdown )
controls 1.6 adaptive cards • Bot Framework Web Chat canvas
Genesys Cloud chat client V3 to add handoff Logo & brand identity Simple markdown • Format your bot messages in Teams
1.6 adaptive cards • Markdown Guide
Teams For internal teams N/A Simple markdown • Adaptive Cards
1.6 adaptive cards
SMS N/A Text only
 Why do we ask these questions?
Hand off to a live agent • When requiring hand off to an agent, the
chat client must be the one of connected
engagement hub, that is placed at the front,
Copilot Studio lets you hand over copilot conversations to a human and not Copilot Studio. The engagement hub
integrates with Copilot Studio through APIs,
and that’s how it’s able to take over a
conversation from a copilot to escalate to a
Are you handing off live agent.
conversations to Dynamics Example answer (you can delete this)
365 Omnichannel for A full hand off to an engagement hub follows
No
Customer Service? (dedicated this pattern:
section) 1. An end-user interacts with the engagement
hub's chat canvas.
2. The engagement hub routes the incoming
chat through routing capabilities.
Are you handing off 3. A custom adapter relays the incoming chat
conversations to another Example answer (you can delete this)
messages to the Copilot Studio copilot.
engagement hub solution? 4. Once the end user triggers hand-off, Copilot
If yes, which one and how? Yes, Genesys Cloud through a custom adapter. Studio starts hand-off with full chat context.
5. The custom adapter intercepts the hand-off
message and context, and seamlessly routes
the conversation to an agent.
6. The end user's chat is handed off to an agent
who can resume the conversation.
What chat client are you
placing in front of your end-
Example answer (you can delete this) Useful resources:
users?
Genesys chat widget. • Hand off with Dynamics 365 Omnichannel f
or Customer Service
• Hand off conversations to any generic engag
ement hub
 Why do we share this?
Handing off to a live agent • The preferred and most standard approach to
handle hand off with a live agent is to use
the engagement hub chat canvas at the front.
Pattern 1: “bot-as-an-agent” Engagement Hub at the front, Copilot Studio at the back • This is how most standard integrations with
1st-party or 3rd-party contact centers are done
and made available.
1 • Pros:
 Easier to setup without too much
overhead (frontend configuration).
Contact Center Azure or other Copilot Studio  Agent messaging and capability
maintain full fidelity.
Engagement Hub Adapter Copilot Studio  Existing engagement hub capabilities
Engagement Hub (sometimes native with (agent takeover, sentiment analysis,
Chat Canvas 3rd-party providers) Direct Line APIs
supervisory…) continue to work as-is.
• Cons:
× No ability to intercept human agent
3 2 messages upon escalation (unless
engagement hub supports an API).
× No whisper mode (unless engagement
End-user Live agent hub supports it)
× No control over user experience of
responses (messages, cards) emitted
from bot.
1.1 End-user chats with the Engagement Hub chat canvas and an adapter relays messages
with a Copilot Studio copilot through the Direct Line APIs.
Useful resources:
2.2 When an escalation event is sent by the Copilot Studio copilot APIs, the Engagement Hub • Hand off to a live agent
takes over the conversation. • Hand off with Dynamics 365 Customer Serv
ice
3.3 A live agent can resume the chat with the end-user. , Genesys, LivePerson,
Salesforce Einstein Bot, ServiceNow.
• Hand off conversations to any generic engag
ement hub
 Why do we share this?
Handing off to a live agent • An alternative but more custom and complex
approach is to use Copilot Studio at the front
and integrate through an engagement hub
Pattern 2: “bot-in-the-loop” Copilot Studio at the front, Engagement Hub at the back APIs through a skill.
• Pros:
 Copilot Studio is always in the loop,

1 including agent messages.

 Full control over how responses
(messages, cards, etc.) emitted from the
Azure AI
Copilot Studio Contact Center bot are shown to end-user.
Bot Service  Agent may be assisted in whisper mode

Chat Copilot Studio Microsoft Bot Engagement Hub (i.e., agent assist).
 Opportunity for the bot to do skill-based
Canvas Direct Line APIs Framework Skill & APIs
routing to the right agent.
• Cons:
× Engagement hub must be sufficiently
2 3 extensible to support this pattern.
× Many hops between systems.
× Requires a pro-dev and PaaS approach
End-user Live agent for the Bot Framework skill.
× Heavy overhead and integrations of the
hub with Copilot Studio.
× Live agent is limited to using a
1.1 End-user chats with the Copilot Studio copilot through the chat canvas (the standard one compatible chat canvas.
or a custom one that integrates with Copilot Studio Direct Line APIs). × No ability for channel provider to
customize their agent messages to show
2.2 When an escalation event occurs, Copilot Studio triggers a Bot Framework skill. up in the canvas.
× Agent takeover / supervisor capabilities
3.3 The skill relays messages back and forth between the Contact Center live agent and the likely aren’t possible.

end-user through the Engagement Hub APIs

Useful resources:
• Hand off to a live agent
• Use Microsoft Bot Framework skills
Security,  Security and administration controls
 Copilot security configuration
monitoring &
 Data loss prevention policies
governance
 Tenant and environment security
 Authentication & channel security
 Single sign-on
 Monitoring
 Governance
 Compliance
 Why do we share this?
Security and administration controls • Data loss prevention (DLP) policies can be
configured at tenant-level to apply either to
all environments, only specific
Available security, governance and AI controls at the tenant, environment, or copilot level environments, or all environments except
specific ones. DLP policies can enforce
authentication, disable specific channels
Copilot Studio features controls Copilot Studio maker access controls
(e.g., Direct Line, Teams, Omnichannel,
Facebook), block specific connectors, or
 Data loss prevention (DLP) policies can be enforced for
 Allow/block access to the Copilot Studio authoring web app block the use of skills. Individual copilots
Copilot Studio and applied to all environments to:
(i.e., copilotstudio.microsoft.com) can be controlled by: can be exempted from DLP policies.
• Allow/block unauthenticated usage.
• The publishing of copilots using generative
TENANT

• Allow/block individual channels. • Assignment/removal of a Copilot Studio User License

to an individual user or to an Entra ID group. AI features such as generative answers can
• Allow/block individual connectors.
• Allow/block self-service trials for the tenant. be completely blocked at the tenant level.
• Allow/block connecting to skills.
 Allow/block access to the Copilot Studio Teams app (i.e., • For environments outside of the U.S. region,
 Allow/block publishing of copilots that use generative AI.
aka.ms/CopilotStudioForTeams) generative AI features can be blocked at the
 Allow/block M365 Copilot Conversational Plugins. environment-level. The public data source
(Bing) can also be individually disabled.
 Data loss prevention(DLP) policies can be scoped to  Allow/block environment access with security groups.
ENVIRONMEN

exclude specific environments to allow required capabilities  Allow/block permissions to create, read, update or delete
Useful resources:
(e.g., allow unauthenticated usage). copilots through security roles. Dataverse tables: • Security and governance in Copilot Studio
T

 For environments outside of the U.S. region: • Chatbot (bot)

• Enforce DLP policies for Copilot Studio
• Allow/block generative AI features. • Chatbot Subcomponent (botcomponent)
• Allow/block the public data source (i.e., Bing).
• Exempt a copilot from DLP policies
• Conversation Transcript (conversationtranscript)
• Assign Copilot Studio user licenses
 Individual bots can be exempted from DLP policies. • Control user access to environments
 Enable/disable dynamic chaining at bot level • Manage app permissions in Microsoft Teams
to block the Teams app
COPILOT

 Enable/disable generative answers at bot level.  Share/unshare copilots with other users for authoring.
• Disable self-service trial sign-ups: set
 Enable/disable intelligent topic authoring at user level.  Users with a System Administrator or System Customizer
AllowAdHocSubscriptions to $false
 Set bot authentication (None – if allowed, Only for roles can read and update all bots and transcripts.
• Share a copilot for collaborative authoring
Teams/Power Apps, and Manual – i.e., app registration)
• Configure web channel security
 Enforce Direct Line Web Channel security at bot level.
 Why do we share this?
Security, copilot, & user management • Entra ID groups should be leveraged to fully
drive user license assignment, environment
access, and security roles assignment.
Best practices to secure your Copilot Studio project • You should apply a most-restrictive
approach by default and relax requirements
on an exception basis.
Assign licenses to users through Entra ID groups
Grant the ‘Microsoft Copilot Studio User’ license to users through a group instead of individual assignment.
Useful resources:
Manage user access to environments through Entra ID groups
Only bot authors and a just-in-time admins should have access to your environments and data stores. • Assign licenses to a group
• Control user access to environments
Manage security role assignment through Entra ID group teams • Use group teams to assign security roles
Within each Dataverse environment, leverage group teams to assign security roles to users.
• Manage data loss prevention policies
Apply restrictive Data Loss Prevention policies to your environment • Disable the ability to publish copilots with g
DLP policies can be applies to your environments to block all connectors that are not required by the project as well as any bot enerative answers and actions
channel or setting that isn’t useful for the project (e.g., unauthenticated use, use skills, etc.). • Configure data movement across geographic
locations for generative AI
Review and only enable tenant, environment and copilot settings that are relevant • Configure web channel security
Tenant admins can disable publishing of GenAI-powered bots. Environment admins can disable GenAI features that require • Share and collaborate on chatbots
data movement outside of their region. Bot authors can require secured access for Direct Line. Internal chatbots can be limited
• Connecting and authenticating to sources
for use by specific groups instead of being available to all.
• Use environment variables for secrets
Review and tighten security of all integrations • Authentication variables
Connections should require strong authentication. Secrets should be stored in a secure location (e.g., Azure Key Vault). • Pipelines in Power Platform
Leverage delegation, impersonation or filtering for data access in the context of an end-user. • Activity logging
Have a gated release process to production • Customer-managed encryption
Deploying changes from dev to test and to prod should require reviews and be part of a gated process. • Customer lockbox
• IP firewall
Explore additional Power Platform, Dataverse and Entra ID security features • Virtual networks
E.g., audit logs, customer-managed keys, customer lockbox, IP firewall, network isolation, multi-factor authentication,
• Microsoft Entra ID security best practices
continuous access evaluation, etc.
 Why do we share this?
Copilot Studio security roles • These security roles grant permissions to
Copilot Studio configuration and data tables
in Dataverse.
Overview of standard Dataverse security roles and impact on Copilot Studio • To start creating and working on copilots,
users can be assigned the standard
Environment Maker security role. With this
Security Role / Table Chatbot Chatbot Subcomponent Conversation Transcript role, users only see their own copilots or the
bot botcomponent conversationtranscript
copilots that have been shared with them. If
System administrator Org (CRUD) Org (CRUD) Org (CRUD) too permissive, custom roles may also be
used.
Org (CRUD) • The Environment Maker role also lets users
System customizer Org (CRUD) Org (CRUD) Soon none create other related Power Platform
components (e.g., solutions, cloud flows,
Environment maker User (CRUD) User (CRUD) None connection references, environment
variables, etc.)
Bot Transcript Viewer None None User (Read) • To see transcripts, users must be granted at
least one role giving read access to the
Bot Author (deprecated) User (CRUD) User (CRUD) User (CRU) Conversation Transcript table.

Bot Contributor (deprecated) User (Read) User (CRUD) None

Useful resources:
Omnichannel administrator Org (Read) None None • Use group teams to assign security roles
• Security concepts in Dataverse
• Chatbot (bot) table/entity reference
How are Copilot Studio records secured in Dataverse? • Chatbot subcomponent (botcomponent) table
/entity reference
• When a chatbot is created, a team gets also created and the chatbot is shared with that team. • conversationtranscript table/entity reference
• Chatbot subcomponents (e.g., topics, entities, files, etc.) are shared with the same team.
• Conversation Transcripts are implicitly shared with their parent Chatbot's team, but only users that have a
read access on the Conversation Transcript table can access them.
 Why do we ask these questions?
Copilot security configuration • Understanding your key requirements
around security and making sure they are
mapped with existing features.
Detail your security requirements • Identify alternatives for scenarios not
natively covered.

Do you have a list of security Useful resources:

requirements for your copilot? Example answer (you can delete this) • Copilot Studio security
Enterprise copilots:
How are you going to
implement these? • Users need to be authenticated using Microsoft Entra ID.
• Users need to be automatically signed in.
• IPs need to be allow-listed in the corporate firewall.
• Need to integrate with internal, on-premises, APIs.
• Integrations must use service principals.
• Secrets must be stored in key vaults.
• Only specific apps should be able to call the copilot as a skill.
Citizen-developer copilots:
• The unauthenticated configuration need to be blocked on all
copilots and all channels.
• Copilot usage (inventory and conversations) need to be monitored
at the tenant level).
 Why do we ask these questions?
Data loss prevention policies • Administrators can govern copilots in their
organization by using data loss prevention
(DLP) policies with specific Copilot Studio
Enforcing security settings as well as exceptions at a global level connectors.
• Channels (Teams, Direct Line, Facebook,
Omnichannel), unauthenticated use, and Bot
Framework skills can be allowed or blocked.
How do you ensure that
internal confidential data Example answer (you can delete this) Useful resources:
doesn’t get available
Strong governance of connectors and authentication settings, • Security and governance in Copilot Studio
externally? especially for generative answers data sources. • Apply data loss prevention policies to copilo
ts
• Connector endpoint filtering

Do you plan to use DLP

policies to enforce Copilot Example answer (you can delete this)
Studio allowed channels and
authentication settings? Yes, by default no unauthenticated copilots are allowed and only the
Microsoft Teams channel can be used, to make sure they’re internal.

Do you plan to use DLP

policies to enforce allowed or
Example answer (you can delete this)
blocked Power Automate
connectors or HTTP requests? Yes, with Copilot Studio, only related business applications such as
Dynamics 365, ServiceNow and SharePoint are allowed. Endpoint
filtering will be used for allowed HTTP APIs.
 Why do we ask these questions?
Tenant and environment security • Copilot conversation transcripts are
automatically stored in Dataverse.
• These can contain sensitive customer
Securing access to data information that need to be protected.

Useful resources:
Do you enforce strong • Power Platform security
requirements for authentication? Multi-factor authentication and conditional access.
• Microsoft Entra multifactor authentication
• Microsoft Entra Conditional Access
• Use Azure Key Vault secrets
How do you control privileged
• Just-In-Time Access Management
users access to sensitive data? Just-in-time access to production.
• Manage application users
• Manage group teams
• Customer Lockbox
How do you manage secrets?
Azure Key Vault and Environment Variables

Do you use service principals or

managed identities? Service principals for integrations and deployments.

Do you have network security

requirements? Some internal APIs are only accessible in a VNET.

Do you audit and review access

periodically? Yes, every month. Roles only granted through groups.
 Why do we ask these questions?
Authentication & channel security • Authentication allows users to sign in,
giving your copilot access to a restricted
resource or information. Users can sign in
Authentication requirements with Microsoft Entra ID, or with any
OAuth2 identity provider such as Google or
Facebook.
• With Direct Line-based security, you can
Is the copilot working enable access only to locations that you
unauthenticated, Example answer (you can delete this) control by enabling secured access with
authenticated, or both? Direct Line secrets or tokens.
External copilot: hybrid authentication. The public website can start
chat sessions and handle FAQ questions unauthenticated, but specific
operations require the user to authenticate
Useful resources:
• Configure user authentication
If yes, what is the • Configure user authentication with Microsoft
Entra ID
authentication service? Example answer (you can delete this) • Configure web channel security
Internal copilot: “Manual” (AAD) or “Only for Teams and Power
Apps”. External copilot: “Manual” (Generic OAuth2)

Do you need to enforce web

and Direct Line channel
Example answer (you can delete this)
security?
Internal copilot: yes.
External copilot: no.
 Why do we ask these questions?
Single sign-on (SSO) • Copilot Studio supports single sign-on
(SSO), which means copilots can sign the
user in.
Automatic signing in authenticated users • SSO needs to be implemented on your web
pages, mobile applications.
• For Microsoft Teams, SSO is seamless if you
select the “Only in Teams” authentication. It
Do you have SSO
can also be configured with Manual AAD
requirements? Example answer (you can delete this) v2, but in this case the Teams app must be
deployed as a zip file, not with the 1-click
Internal copilot:
How are you going to • Teams users and intranet website users must be automatically
Teams deployment from Copilot Studio.
implement these? signed in (AAD v2).
• SSO must also work on the internal SharePoint intranet. Useful resources:
• Configure SSO with Entra ID for web/apps
External copilot: • Configure SSO with Entra ID for Teams
• SSO with Generic OAuth 2.
 Why do we ask these questions?
Monitoring • In addition to the native analytics features
within Copilot Studio, you can send
telemetry data to Application Insights.
Capture telemetry, measure performance, and setup alerts with Application Insights • You can send custom events to Azure
Application Insights.

How do you plan to Useful resources:

technically monitor your Example answer (you can delete this) • Capture Copilot Studio telemetry with Azure
copilots? Application Insights
Azure Application Insights to log activities, errors, and custom • Set up Application Insights with Power Auto
events. Also used to monitor Generative Answers and details on failed mate
or moderated answers.

How do you plan to

technically monitor your Example answer (you can delete this)
integrations and cloud flows?
Azure Application Insights for cloud flows.

Do you have other technical

monitoring requirements and
Example answer (you can delete this)
plans?
Yes, the copilot client load time on the web page will be monitored
with our web analytics tools.
Azure Application Insights example
Monitoring generative answers results and moderation customEvents
| where name == "GenerativeAnswers"
// | where cloud_RoleInstance == "MS Learn Chatbot"
| extend cd = todynamic(customDimensions)
| extend conversationId = tostring(cd.conversationId)
| extend topic = tostring(cd.TopicName)
| extend message = tostring(cd.Message)
| extend result = tostring(cd.Result)
| extend SerializedData = tostring(cd.SerializedData)
| extend Summary = tostring(cd.Summary)
| extend feedback =
tostring(todynamic(replace_string(SerializedData,"$","")).value)
| project cloud_RoleInstance, name, timestamp, conversationId, topic, message,
result, feedback, Summary
| order by timestamp desc
 Why do we ask these questions?
Governance • As customers expand their use of Microsoft
Power Platform to enable citizen developers
across their organizations, they also seek
How to you govern Copilot Studio at scale? capabilities to govern and monitor usage.
• The Microsoft Power Platform CoE Starter
Kit is a collection of components and tools
that are designed to help organizations
Do you plan to use the Center develop a strategy for adopting and
of Excellence Starter Kit to Example answer (you can delete this) supporting Power Platform.
monitor your copilots in your
Yes, the central CoE team already uses the Starter Kit to monitor
tenant? Power Apps and Power Automate. Copilot Studio monitoring will CoE Starter Kit features for
allow track usage across copilots and environments. Copilot Studio
• Keep track of the number of conversations
per copilot over time, with daily aggregates.
Do you have specific • Allocate a number of conversations per
governance requirements? environment
Example answer (you can delete this) • Receive capacity email alerts when
As capacity is purchased globally and pooled at the tenant level, environment add-ons get near or over their
tenant-wide analytics are required to implement a charge-back model. allocated number of conversations.
• Get an overview dashboard of Copilot
Studio usage in a tenant over time as well as
an all-up conversation consumption versus
allocation.
Do you allow users to create
copilots using Copilot Studio
Example answer (you can delete this) Useful resources:
for Teams?
No, Copilot Studio for Teams is blocked as an app in Microsoft • Center of Excellence Starter Kit with Copilot
Do you allow users to create Teams. Trials of Copilot Studio are blocked, and users need a license Studio: Govern, Monitor and Manage
Copilot Studio trials? to create copilots.
 Why do we ask these questions?
Compliance • Microsoft complies with data protection and
privacy laws applicable to cloud services.
Our compliance with world-class industry
Understand how regulatory requirements impact your project standards is verified.
• Environments can be created in specific
regions, even if different from the region the
tenant resides in.
What the regulatory • By default, conversation transcripts are only
requirements and norms you Example answer (you can delete this) kept for 30 days in Dataverse. This can be
need to comply with? updated on per-environment basis.
GDPR compliance.

Useful resources:
• Copilot Studio compliance offerings
• Copilot Studio GDPR compliance
Do you have hard • Copilot Studio Data Locations
requirements as to where the Example answer (you can delete this) • Managing compliance in the cloud
data must be located? • Service Trust Portal
Data location and processing must stay within the European Union • Change the default retention period for conv
boundary. ersation transcripts
• Move data across geographic locations for g
enerative AI features outside United States

Do you have other compliance

requirements?
Example answer (you can delete this)
• Transcripts must be kept for 2 years in a compliant location.
• Sensitive data must be obfuscated from transcripts
Application  Application Lifecyle Management example

Lifecycle  ALM strategy

Management  Environments
 Capacity
 Test strategy
 Training
 Run & maintenance
 Why is ALM important?
Application Lifecyle Management • Copilot Studio ALM is based on the broader
Power Platform ALM principles.
• They use the concept of solutions to package
Safely deploy customizations across environments and keep track of changes. and deploy customizations.

Example solution configuration What are ALM golden rules?

• Work in the context of solutions
Development Test Q.A. Production • Create separate solutions only if you need to
deploy components independently.
Copilot 1.0 Copilot 1.0 Copilot 1.0 Copilot 1.0
 Contoso Copilot  Contoso Copilot  Contoso Copilot  Contoso Copilot • Use a custom publisher and prefix.
 Copilot Components  Copilot Components  Copilot Components  Copilot Components • Use environment variables for settings and
secrets that change across those.
• Export and deploy solutions as managed,
Cloud Flows 1.2 Cloud Flows 1.1 Cloud Flows 1.1 Cloud Flows 1.1 unless setting up a dev environment.
 ServiceNow Flow  ServiceNow Flow  ServiceNow Flow  ServiceNow Flow
 Internal API Flow  Internal API Flow  Internal API Flow  Internal API Flow • Don’t do customizations outside of dev.
• Consider automating ALM for source
control and automated deployments.
Connectors & Variables 1.3 Connectors & Variables 1.3 Connectors & Variables 1.3 Connectors & Variables 1.2
 Connection Reference  Connection Reference  Connection Reference  Connection Reference What needs to be set manually?
 Env. Variables  Env. Variables  Env. Variables  Env. Variables
 Custom Connector  Custom Connector  Custom Connector  Custom Connector • Azure Application Insights integration.
• Deployed channels.
• Some security settings.
Learn from copilot usage in production to make improvements in dev for future releases
Useful resources:
• Use environment variables
Evaluate options from simple to advanced continuous integration & delivery (CI/CD)
• Power Platform ALM
Automate • Manual deployment of solutions
• Power Platform pipelines
• Automated deployment with user-friendly pipelines in Power Platform (no source control)
• Azure DevOps Power Platform Build Tools
• Automated deployment + source control with Azure DevOps or GitHub Power Platform tools.
• Use of the ALM Accelerator for #2 + #3 and advanced deployment options for both no-code and pro developers. • GitHub Power Platform Actions
Test •
• Automated testing of the copilot as part of the deployment process. ALM Accelerator for Power Platform
• Test Framework
 Why do we ask these questions?
ALM Strategy • It’s key to have a healthy ALM process to
avoid production issues and catch and fix
any regression early.
Detail your CI/CD processes

Useful resources:
How to you deploy your • Power Platform ALM
customizations, variables and Example answer (you can delete this) • Use segmented solutions
connections?
Deployment are done using Azure DevOps pipelines and managed
solutions. Environment variables are used for settings and secrets.
Connections are configured by a service account.

How do you organize your

solutions? Example answer (you can delete this)
A single solution with the copilot, cloud flows, connection references,
environment variables.
A single publisher, “Contoso” (cto_) is used.

Do you source control your

customizations?
Example answer (you can delete this)
Azure DevOps. Pull requests require peer reviews before
customizations are merged into the main branch and deployed to
downstream environments.
 Why do we ask these questions?
Environments • Knowing your tenant, environment, and
copilot ids can be useful for proactive
monitoring.
List the different environments and copilots for your project • Understanding how you setup your
environments is also important in relation
Tenant ID with your ALM processes.
8a235459-3d2c-415d-8c1e-e2fe133509ad
• The region can be meaningful for releases
and availability of certain features.
• It’s a best practice to limit access to an
Name Type Region Required apps Environment Id Bot(s) and Bot Id(s) environment to the specific members of a
Microsoft Entra ID security group.
Example answer (you can delete this)
Contoso DEV Sandbox Europe D365 + OC Voice 7f8448e4-b056-e6f9- Contoso Copilot
a235-ddec0aa85c0d cb093eb6-ec05-ee11-8f6e-
Useful resources:
000d3a5c61dd • Create and use environments
Contoso TEST Sandbox Europe D365 + OC Voice 47378d94-f56c-eed0- Contoso Copilot • Control user access to environments
b8cd-89d17d7e31b3 d182abc5-7335-ee11-bdf4-
000d3a37044a
Contoso QA Sandbox Europe D365 + OC Voice 20bb12c3-1a5c-e8ff- Contoso Copilot
b0f7-4f32adef8616 64c03bd0-04c4-499a-8fa6-
77de5d1d27aa
Contoso Production Europe D365 + OC Voice c53bf002-7923-4d1c- Contoso Copilot
b5ae-3265093d59e1 65d3b807-8cd7-4b58-afae-
768ecd914db7
 Why do we ask these questions?
Licensing & capacity • Understanding what you have purchased in
terms of capacity for the project.
• Potential impact of design on capacity and
Aligning product, user licenses & add-ons to technical and business requirements licensing. E.g., keeping conversation
transcripts will grow database storage.
• Additional services, such as Azure OpenAI
Product Quantity Capacity Comments and AI Search (if used as the Azure OpenAI
‘on your data’ data source in generative
Example answer (you can delete this) answers), Data Lake (if used to store
Copilot Studio User 50 50 users For Copilot Studio bot authors conversation transcripts) or Application
Insights (to log additional telemetry) require
Copilot Studio Messages 100 2,500,000 messages / month To allocate per environment an Azure subscription.
Dataverse Database Storage 50 50 GB + 10 GB Database base capacity • Power Automate cloud flows owned by a
Dataverse File Storage 5 5 GB + 20 GB Database base capacity service principals require a Power Platform
Process license. If owned by a user, they’re
Dataverse Log Storage 5 5 GB + 2 GB Database base capacity covered for premium connectors and come
Power Platform Requests 1 50,000 requests / 24h + 250,000 requests / 24h base capacity with a base capacity of 250,000 requests per
month.
Power Automate Process 4 4 processes / month To run flows with service principals
Azure OpenAI P11 Standard 1 gpt-35-turbo model
Useful resources:
Azure AI Search Service 1 Basic Tier 1 Replica, 1 Partition, 1 Search unit
• Assign user licenses and manage access
Azure Storage 1 StorageV2 RA-GRS
• Quotas in Copilot Studio
Azure Application Insights • Licensing overview for Power Platform
• Copilot Studio pricing
• Power Automate pricing
• Power Platform Licensing Guide
• Azure OpenAI Service pricing
• Azure AI Search pricing
• Azure Data Lake pricing
• Azure Application Insights pricing
 Why do we ask these questions?
Test strategy • Understand your plans to validate that your
copilots and integrations work as expected.

Test plan and non-functional requirements Useful resources:

• Automate testing of your bots with the Test
Framework sample solution
What is your test strategy for
your copilots and Example answer (you can delete this)
integrations?
Use of the Test Framework to bulk test user utterances and validate
that the appropriate topic triggers or that the first ‘did you mean’
option is the correct one in 90% of the time.
Integrations will be tested as part the full end-to-end conversation
testing with the Test Framework scale test capability.

Do you have non-functional

requirements?
Example answer (you can delete this)
Chat widget on the website should load and start the conversation in
less then 5 seconds when clicked.
Cloud flows triggered to return information to the user need to return
the desired data in a maximum of 10s.
Analytics  Engagement and outcomes

& KPIs  Analytics strategy

 Optimization strategy
 Why do we ask these questions?
Engagement and outcomes • Tracking conversation engagement and
outcomes is crucial to measure the copilot
performance metrics and spot areas for
How do you track engagement rates & session outcomes? 1 improvements in the analytics dashboard.
• A conversation with a Copilot Studio copilot
️⃣ can generate one or multiple sessions.
• A conversation can have multiple sessions when
a user has new questions after an initial
4️⃣
conversation completed ( ).
Example answer (you can delete this) • Sessions are either Unengaged or Engaged.
Unengaged sessions always have an outcome of
• Every conversation path, including Generative Answers ones, None.
end with the End of Conversation topic. • 1️⃣
A session is engaged ( ) by either triggering a
• End of Conversation topic is customized to make the custom topic or the Escalate topic.
resolution validation as simple as possible for the end-user. 2️⃣ • Engaged sessions outcome can be either:
• Conversation outcomes are also set at specific node levels  Abandoned
 Resolved
(in the YAML).  Escalated

• It’s important to end conversation with the End

of Conversation2️⃣ topic ( ) so that the end-user
can confirm their issue was resolved or not (and
potentially escalate).
•
3️⃣ The Confirmed Success topic displays a CSAT
survey 3️⃣
( ) to capture a 0-5 score.
• A ‘conversationOutcome’ can also be set at the
node level in the code editor view.

Useful resources:
4️⃣ • Key concepts – Analytics
• Measuring copilot engagement
• Measuring copilot outcomes
 Why do we ask these questions?
Analytics strategy • Copilot Studio provides comprehensive out-
of-the-box analytics that allow customers to
understand a copilot's usage and key
Detail your strategy to monitor your copilot key performance indicators performance indicators.
• Customers can view reports related to:
 Performance and usage.
 Customer satisfaction.
Do you have an analytics  Session information.
strategy? Example answer (you can delete this)  Topic usage.
 Billed sessions.
• Initially, only a few set of KPIs will be defined for the copilot
Do you plan to develop your success, essentially the engagement rate, resolution rate and the
• However, there are often scenarios where
own custom analytics? you'll need to create or use custom analytics.
defection rate. For example, you may need to:
 Share analytics with non-makers or
• In phase 1, assess the native dashboards, even though they’re
If you are going to create your users.
limited to 30-day of data.
own reports, please detail how  Report on conversation transcripts data

and where you plan to store • In phase 2, develop a Power BI report consuming the copilot and for a period longer than the default last
Conversation Transcript data directly from Dataverse. This will 30 days.
the data.  Design a report not covered by out-of-
also be the opportunity to enrich copilot data with other business
the-box analytics.
metrics such as sales or website traffic.
• In phase 3, move data to cheaper long-term storage option (e.g.,
Azure Data Lake) and update the Power BI report to point to Useful resources:
these storage points. • Custom analytics strategy
 Why do we ask these questions?
Optimization strategy • Return on investment (ROI) and improved
customer satisfaction (CSAT) are top
priorities for the organizations that
What is your plan to keep improving your copilot’s performance and ROI? implement Copilot Studio copilots.
• Optimizing the copilot deflection rate is one
of the top focus areas for organizations to
achieve their business goals around ROI and
Detail your strategy to CSAT, and to improve the copilot's overall
regularly improve your Example answer (you can delete this) performance. There are major indicators in
Copilot Studio that help improve copilot
copilot Monthly review of the copilot performance performance, such as resolution rate,
• Deflection rate escalation rate, and CSAT.
• While the metrics continue to evolve, there
• Resolution rate are several things you can do as a copilot
• Engagement rate builder to improve the deflection rate of your
copilot. In these articles, we cover the
• Topics with low resolution importance of deflection in conversational
• Unrecognized utterances AI and general techniques/considerations
that are universal for optimizing deflection
• Analysis per channel for copilots.

This review helps prioritize the backlog of copilot updates. For

Useful resources:
example, unrecognized utterances are used to either train existing • Deflection optimization
topic or create new topic where there is demand.
Gaps & top  Gaps

requests  Top requests

 Why do we ask these questions?
Gaps • Help us prioritize our future investments by
flagging gaps and submitting feature
requests.
What are the main feature gaps you have identified • Detailing the business impacts for your
organization helps build a business case for
them.
Gap #1
Useful resources:
Example answer (you can delete this)
• aka.ms/CopilotStudioFeatureRequest
No native first-party IVR without Dynamics 365 Omnichannel Voice

Gap #2
Example answer (you can delete this)
No native integration with WhatsApp

Gap #3
Example answer (you can delete this)
Pro-code is required for a SharePoint integration with single sign-on
support.
 Why do we ask these questions?
Top requests • Help us prioritize our future investments by
submitting feature requests and detailing the
business impact they have for your
What are the top gaps, feature requests, and priorities? organization by using the link below.

Useful resources:
Request #1 • aka.ms/CopilotStudioFeatureRequest
Example answer (you can delete this)
P1: native file upload support by end-users to upload pictures that are
then analyzed with OCR.

Request #2
Example answer (you can delete this)
P1: support for right-to-left languages Arabic and Hebrew.

Request #3
Example answer (you can delete this)
Ability to disable adaptive card buttons once they have been actioned.
Dynamics 365  Chat widget integration & customizations
Omnichannel for  Omnichannel hand-off
Customer Service  Unified Routing Configuration
(optional)

Note: it is expected for Dynamics 365 Omnichannel for Customer Service to have an extended implementation review, typically with FastTrack teams.
This chapter calls specific items which are important for the Copilot Studio and Omnichannel integration.
 Why do we ask these questions?
Chat widget integration & customization • Within Dynamics 365 Omnichannel for
Customer Service, there is a customized
Copilot Studio chat widget which is utilized
How are you modifying the chat widget in Dynamics 365 Omnichannel? rather than the native Copilot Studio widget
without Dynamics 365 Omnichannel. This
customized out-of-the-box widget is a
component that Dynamics 365 customers
Please describe the planned can utilize to get a greater number of options
Example answer (you can delete this) to tailor the widget without having to spend
use of the chat widget. a lot of time on the configuration every
• Use of the LCW v2 configured with the brand theme. single time.
Do you plan to develop a • Many context variables, including web page, user ID, locale, etc. • Some of these options include the design but
also include functionality like business hours
custom version of the must be passed from the website to the chat widget.
and even channel specific behavior like
widget? • Widget and first message should load in less than 5 seconds. persistent chat experiences.
• • Ensure you have reviewed these options
Internal mobile app teams are also looking to integrate their
within the chat widget
Do you have other client native app with Omnichannel through APIs.
• Additionally, ensuring you take into
requirements for specific consideration the connection experience
between Copilot Studio and Omnichannel in
channels? the ‘Agent Hand-off’ area of the Copilot
Studio portal, and track your environments
based on your environment structure, as well
What your expectations for as the copilot users within each environment
the widget load time and
first message display? Useful resources:
• Configure the chat widget
How are you making sure • Develop a custom live chat widget
• Omnichannel Live Chat Widget SDK
the first message is fast?
 Why do we ask these questions?
Copilot Studio & Omnichannel hand-off • You can directly use the ‘Escalate’ system
topic to be able to escalate to a live agent in
Dynamics 365 Omnichannel within Copilot
Connect your Copilot Studio copilot to Dynamics 365 Omnichannel Studio.
• Make sure you consider the experience of
both the user and the agent when designing
this functionality.
Which topics within will link • Consider what data you wish the Dynamics
to the ‘Escalate’ topic? Example answer (you can delete this) 365 Omnichannel agent to receive from the
copilot when a handover is successfully
• Standard behavior will be maintained to escalate.
taken place e.g., data passed to the agent.
Do you need to extend the • Over the voice channel, DTMF key 0 will escalate to a live agent.
‘Escalate’ topic? If so, how • Fallback topic will not be used over the voice channel but will be Useful resources:
and why? used on the website: generative answers will be used before the • Configure the Copilot Studio copilot
user can escalate.
Would you be utilizing both
the ‘Escalate’ and ‘Fallback’
topic?

Have you considered what

the waiting experience for a
handover to Dynamics 365
looks like and any
limitations of the default
experience?
 Why do we ask these questions?
Unified routing configuration • Unified routing is critical because within
Dynamics 365 Omnichannel this is how a
copilot, or a user, is routed to another queue.
How is your copilot being routed? • Consider expanding on this slide by creating
a routing diagram that can be used to
describe the simple routing experience you
are proposing on using.
Have you considered the • This would help identify any gaps or
routing experience when a Example answer (you can delete this) dependencies.
copilot escalates a • Only one queue and support team.
Useful resources:
conversation?
• Overview of unified routing

Which queue is it being

routed to?

You may have a blueprint

where the copilot is
escalated but re-directed to
another copilot, for
example in another
language. How are you
differentiating this routing
(e.g., conditions) managing
those variables, and also
managing a true escalate to
human experience?
 Why do we ask these questions?
Omnichannel Voice integration • To route customers call to the best
department, diagnose issues, collect
information, and give recommendations,
Using Copilot Studio as an Interactive Voice Response (IVR) conversational IVR copilots speak to
customers when they call in. Copilot Studio
makes it easy to author IVR copilots and you
can use the same copilots for other channels,
Do you plan to use like chat and voice.
Omnichannel Voice? If yes, Example answer (you can delete this) • It’s important that the implementation of
Voice with Copilot Studio as an IVR is well
please detail how. • Omnichannel Voice is used. planned and expectations appropriately set.
• Conversations and messages in general are designed to be shorter
Do you plan to have for the voice channel. Useful resources:
different conversation paths • Topics will have branching logic based on the channel. • Voice channel in Omnichannel
and formats, or even • DTMF options are offered as much as possible, to navigate menus • Configure Copilot Studio bots for voice

copilots based on the and to provide client IDs. • Use SSML to customize speech responses

channel? • Tests will be performed by group of pilot users testing in real-life

conditions.
• Silence detection, barge-in, noise cancelation, are crucial for the
How are you planning to
voice channel success.
test it in real-life scenarios?
(E.g., with background
noises, etc.)

Do you have specific

requirements for the voice
channel? (E.g., DTMF,
barge-in, silence
Thank you
 Learn more

Get Copilot Studio website aka.ms/CopilotStudio

started today Blog aka.ms/CopilotStudioBlog

Demo aka.ms/CopilotStudioDemo
aka.ms/TryCopilotStudio Product documentation aka.ms/CopilotStudioDocs

Product guidance aka.ms/CopilotStudioGuidance

Implementation guide aka.ms/CopilotStudioImplementationGuide

Community page aka.ms/CopilotStudioCommunity