Skip to Content
TutorialsMigrating to Copilot Studio

Migrating to Copilot Studio

TL;DR: You will copy an agent built in Microsoft 365 Copilot Agent Builder into Microsoft Copilot Studio, then put it under solution-based application lifecycle management so changes flow through dev, test and production with audit and compliance controls.

What you will learn

  • How to copy an Agent Builder agent into Copilot Studio without rebuilding it from scratch.
  • Which agent configurations carry over and which you must reconnect by hand.
  • How a Copilot Studio agent is stored in Microsoft Dataverse and managed inside a Power Platform solution.
  • How to establish a dev, test and production environment strategy for safe, auditable releases.
  • The governance gates a security practitioner must apply before publishing an agent to the organisation.

Prerequisites

  • A Microsoft 365 Copilot add-on licence (Agent Builder and Copilot Studio are both included for authenticated users). Copilot Credits or a pay-as-you-go plan can substitute if no Copilot licence is assigned.
  • An existing agent you created in Agent Builder in the Microsoft 365 Copilot app.
  • Access to a Copilot Studio environment that meets the environment requirements and is not blocked from publishing to Microsoft 365 and Teams.
  • Power Platform admin centre access (or a cooperating admin) to manage environments, security roles, connector policies and data loss prevention.
  • The maker security role and privileges in the target Dataverse environment, since the solution explorer inherits your role privileges.
  • Microsoft Entra ID P2 is recommended where you intend to scope environment access with security groups and conditional access.

Copy the agent into Copilot Studio

Start the copy

  1. Open your agent in the Microsoft 365 Copilot app under your built agents.
  2. Select the More options ellipsis menu, then choose Copy to Copilot Studio.
  3. Wait for the copy to complete. Copilot Studio creates a snapshot of the agent and uses it to define the new agent. Every copy operation creates a brand new agent, so avoid running concurrent copies of the same source agent.
  4. If this is your first agent in Copilot Studio, complete the first-run experience, then continue from the Create Agents screen.
  5. Select Save to ensure the agent data is stored in Dataverse.

Know what carried over

The copy brings across the static definition fields: name, description, instructions, suggested prompts and the agent icon. It also brings SharePoint files, folders and sites added as knowledge, plus websites added as knowledge.

Some configurations do not carry over and need manual action after the copy:

ConfigurationAction after copying
Enterprise knowledge (Copilot connectors)Set up the connectors again in Copilot Studio.
Scoped Copilot connectorsNot currently supported in Copilot Studio.
Embedded filesUpload the files again in Copilot Studio.
Teams chats and meetings as knowledgeAdd the Power Platform connector for Teams.
Emails as knowledgeAdd the Power Platform connector for Outlook.
Create documents, charts and codeEnable the code interpreter in agent settings.
Create images from promptsNot currently supported in Copilot Studio.

The original Agent Builder agent stays available and is unaffected by later changes to the copy. Test the copied agent in the Copilot Studio test pane before you publish it.

Put the agent under ALM

Understand the solution model

When you create or copy an agent in Copilot Studio, it is created inside a Power Platform solution and stored in Microsoft Dataverse. Solutions are the mechanism that lets you transport the agent and its components across environments through export and import. This is what turns an ad hoc agent into a managed, releasable application.

Follow these golden rules to keep the lifecycle clean:

  1. Do not customise outside of a development environment.
  2. Always work in the context of solutions, with a custom publisher and prefix.
  3. Use environment variables for settings and secrets that differ across environments.
  4. Export and deploy solutions as managed everywhere except the development environment.
  5. Consider automating deployments with pipelines, Azure DevOps or GitHub, and enable native Git integration for source control.

Establish your environments

  1. Create at least three environments: development, test and production. Configure development and test as sandbox type, and production as a production type environment.
  2. Secure every environment by applying a Microsoft Entra security group so only its members have access.
  3. Build and customise the agent only in the development environment.
  4. Export the agent solution and import it into test as a managed solution, then validate against your acceptance criteria.
  5. If testers find defects, fix them in development and promote again. Once test passes, deploy the managed solution to production.

Reconnect items that are not solution-aware

A few Copilot Studio settings do not travel inside the solution and must be reapplied on each downstream environment after deployment. Plan a post-deployment checklist that covers:

  1. Azure Application Insights settings.
  2. Manual authentication settings.
  3. Direct Line and web channel security settings.
  4. Deployed channels.
  5. Sharing with other makers and with end users.

Publish with oversight

  1. From Copilot Studio, publish the agent and select the channels it should reach, such as Teams or a website.
  2. Where you intend organisation-wide visibility, publish to the Teams app store so an admin can review and pin the agent. Publishing to the org catalogue requires admin approval, which gives you a deliberate governance gate.
  3. After publishing, decide whether to retire the original Agent Builder agent and communicate the migration to everyone you shared it with.

Governance call-outs

  • Knowledge re-grounding is a data-exposure decision. Connectors, embedded files and Teams or Outlook knowledge must be reconnected by hand. Treat each reconnection as a fresh least-privilege review rather than assuming the old scope was correct.
  • Environment isolation is your blast radius control. Apply a Microsoft Entra security group to every environment and keep production as a production type environment so makers cannot customise it directly.
  • Apply DLP and connector policies at the environment level. Use the Power Platform admin centre to set data loss prevention and advanced connector policies before anyone publishes, so agents cannot reach unauthorised systems.
  • Use the publishing approval as a compliance gate. Org catalogue and Teams app store submissions require admin review, giving security a checkpoint to verify sensitivity labels, knowledge sources and channel exposure.
  • Preserve identity and audit trails. Agents are stored in Dataverse and benefit from Microsoft Purview audit logs, sensitivity labels and retention. Confirm auditing is on and that security roles, not broad sharing, govern who can edit each agent.

Next step

Continue with the next tutorial.

Sources

Licensed under CC BY 4.0  by Educ4te .

Last updated on
Knowledge GovernanceCopilot Studio Governance & Lifecycle