
Yes, that behavior is expected.
When you connect another agent in Copilot Studio, the primary agent becomes the only entry point for the end user. The user never talks directly to the connected agent. Instead, the orchestration engine inside the primary decides when to call the connected agent on the user’s behalf.
Because of that, end-user permissions to the connected agent don’t come into play. The only requirement is that the connected agent has “Let other agents connect to and use this one” turned on. From the platform’s perspective, it is the primary agent calling the connected one, not the user.
If you want to prevent this, you can disable that setting and remove the connection.
If you want to allow it only for certain people, you’ll need to add authentication/authorization in the primary (for example using Entra ID groups) and branch the conversation so only authorized users get handed off to the connected agent.
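
The gate described above, modeled as an added Python example (not part of the original answer and not Copilot Studio code). It assumes the primary agent has the signed-in user's Entra ID token claims available. The function names, the group ID and the sample claims are constructed for illustration. The gate fails closed when group membership cannot be read from the token, including the Entra ID "groups overage" case, where the `groups` claim is replaced by a `_claim_names` pointer.

```python
from dataclasses import dataclass

# Constructed placeholder: object ID of the Entra ID group allowed to reach the connected agent.
ALLOWED_GROUP_IDS = {"00000000-0000-0000-0000-0000000000aa"}

@dataclass
class Decision:
    handoff: bool
    reason: str

def groups_from_claims(claims):
    """Return the user's group IDs from the token, or None if they cannot be determined."""
    # Overage: for users in too many groups, Entra ID omits "groups" and
    # emits _claim_names/_claim_sources instead. Treat that as "unknown".
    if "groups" in claims.get("_claim_names", {}):
        return None
    groups = claims.get("groups")
    return set(groups) if isinstance(groups, list) else None

def authorize_handoff(claims, wants_connected_agent):
    """Decide, inside the primary agent, whether this user may be handed off."""
    if not wants_connected_agent:
        return Decision(False, "handled by primary")
    if not claims or not claims.get("oid"):
        return Decision(False, "user not signed in")
    groups = groups_from_claims(claims)
    if groups is None:
        # Fail closed; a real flow would look up membership in the directory here.
        return Decision(False, "group membership unknown")
    if groups & ALLOWED_GROUP_IDS:
        return Decision(True, "member of allowed group")
    return Decision(False, "not in allowed group")

def call_connected_agent(decision, user_message):
    """The connected agent only ever sees the primary as its caller,
    so the decision above is the only per-user control in the chain."""
    if not decision.handoff:
        return {"caller": None, "reply": "This request is not available to you."}
    return {"caller": "primary-agent", "reply": "[connected agent] " + user_message}

# Constructed sample token claims.
MEMBER = {"oid": "user-1", "groups": ["00000000-0000-0000-0000-0000000000aa"]}
OUTSIDER = {"oid": "user-2", "groups": ["00000000-0000-0000-0000-0000000000bb"]}
OVERAGE = {"oid": "user-3", "_claim_names": {"groups": "src1"}}
ANONYMOUS = {}
```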