Dynamic Connection Using Azure Key Vault Credentials in Copilot Studio Agent

Hi everyone,

I am currently working on building an agent using Microsoft Copilot Studio and need guidance on a specific requirement.

 

I want to design an agent that can:

 

  • Retrieve credentials securely from Azure Key Vault at runtime

  • Use those credentials to dynamically connect to different platforms such as OneDrive, Azure DevOps, and other external systems

  • Based on the user query, establish the required connection dynamically, fetch relevant data, and return the response



However, based on my research so far, Copilot Studio seems to rely on preconfigured connectors and does not support dynamic runtime connections.

 

I would like to understand:

 

  • Is there any way to achieve this behavior in Copilot Studio?

  • Are there any recommended workarounds using Power Automate, custom APIs, Azure Functions, or MCP tools?

  • What would be the best practice for handling secure and dynamic multi-source connections in this scenario?



Any suggestions, references, or implementation ideas would be highly appreciated.

 

Thank you!

  • Suggested answer
    Sajeda_Sultana

    What worked for me was to keep all the Azure Key Vault pieces in Power Automate and let the Copilot Studio agent call a flow that returns the secret it needs at runtime.

    1. Create a Key Vault in Azure
    2. Build the Power Automate flow that your agent will call
    The attached image is exactly that step: the flow has the When an agent calls the flow trigger and a Get secret action with the service principal–based Key Vault connection. This connection is created once and securely stored on the platform side, not in the chat.

    3. Call the flow from your Copilot Studio agent
     
    Why I prefer this pattern
    The service principal credentials and Key Vault details never appear in the conversation; they live only in the secure Power Automate connection.
    The agent still behaves “dynamically” because it can decide at runtime which secret it wants by passing different names into the flow.

    You can manage rotation and access entirely through Azure Key Vault and Entra ID, while Copilot Studio just consumes the secret via the flow.
    That’s the approach I’m using for agents that need to pull secrets from Azure Key Vault without exposing any credentials in the agent configuration.
     
  • Suggested answer
    11manish

    Copilot Studio does not support dynamic runtime connections using credentials retrieved from Azure Key Vault, as it relies on preconfigured connectors and secure connection references.
     
    The recommended approach is to implement a backend service (such as Azure Functions) that retrieves secrets securely from Azure Key Vault using managed identity, dynamically connects to external systems, and returns normalized results.
     
    Copilot Studio should call this backend via Power Automate or direct API actions, acting as an orchestrator rather than handling authentication or dynamic connectivity itself.
  • Nivedipa-MSFT
    Microsoft Employee

    Hello,

    Copilot Studio does not support runtime dynamic connections; connectors must be set during design time. To handle dynamic logic, move it outside the agent.

    Recommended approach

    Agent → Custom Connector → Azure Function → Key Vault and target APIs

    • Azure Function serves as the orchestrator, using Managed Identity to securely retrieve secrets from Key Vault at runtime and then call services like OneDrive (Graph), Azure DevOps REST, and others.
    • Encapsulate this logic in a Custom Connector (or MCP server) and add it as a tool for your agent.
    • Assign a separate tool for each system to improve tool-selection accuracy.

    Best practices

    • Keep secrets in Key Vault only; avoid storing them in flows or agent variables.
    • Use Managed Identity for application authentication, and OBO flow for delegated access, such as with OneDrive.
    • Return data to the agent in structured JSON format.
    • If tokens are reused, cache them in the Function and consider placing it behind APIM.
       
  • Suggested answer
    Haque

    Hi @CU10061029-0
     
    You are correct that Microsoft Copilot Studio primarily relies on preconfigured connectors and does not natively support fully dynamic runtime connections where credentials and connection targets change on the fly within the agent itself.
     
     
    Recommended patterns and workarounds for securely retrieving credentials from Azure Key Vault and dynamically connecting to different platforms like OneDrive, Azure DevOps, or others are:
     

    Leverage Environment Variables Linked to Azure Key Vault Secrets:

    • Store credentials securely in Azure Key Vault.
    • In Power Platform, create environment variables of type "secret" that reference these Key Vault secrets.
    • Copilot Studio can then access these environment variables at runtime securely without storing secrets in Dataverse.
    • This approach secures credentials and allows you to update them centrally in Key Vault.

    Preconfigure Connectors with Environment Variables:

    • For each system (OneDrive, Azure DevOps, etc.), create a dedicated connection using the credentials stored in environment variables.
    • These connections are static but can be updated by changing the Key Vault secrets behind the environment variables.

    Orchestrate Dynamic Connection Logic Outside the Agent:

    • Implement the dynamic connection and data retrieval logic in Power Automate flows or Azure Functions.
    • The agent passes the user query and target system info to these flows/functions.
    • The flows/functions use the appropriate preconfigured connection or retrieve credentials from Key Vault to connect dynamically and fetch data.
     
     

    I have tried to give some clues. If these clues help to resolve the issue that brought you here, please don't forget to check the box "Does this answer your question?" At the same time, I am pretty sure you have liked the response!
  • Suggested answer
    Valantis
     
    Your research is correct. Copilot Studio does not support fully dynamic runtime connections where you pick up credentials from Key Vault and spin up a new connector on the fly. Connectors in Copilot Studio are preconfigured at design time. But there is a supported path to achieve what you need.
    The confirmed approach from Microsoft docs is:
     
    1. Store your credentials in Azure Key Vault
    2. Reference them as environment variables in Power Platform (Key Vault secret environment variables)
    3. Use those environment variables inside a Power Automate flow or agent flow that the agent calls as a tool
    4. The flow retrieves the secret at runtime, uses it in an HTTP action or custom connector call to connect to OneDrive, Azure DevOps, or whatever target system, and returns the result to the agent
    Microsoft explicitly confirms that agent flows support getting credentials from Azure Key Vault for authentication and hide sensitive values like keys and secrets in flow action history.
     
    For the dynamic multi-source part (connecting to different systems based on user query), the recommended pattern is:

    - One flow per target system (OneDrive flow, Azure DevOps flow, etc.), each pulling its own credentials from Key Vault via environment variables
    - The agent uses generative orchestration to decide which flow/tool to invoke based on what the user is asking
    - The agent never sees the credentials directly
     
    Azure Function as a middle layer also works if you need more flexibility than Power Automate allows, for example cross-tenant connections or credential rotation without environment variable updates. The function retrieves the secret from Key Vault using managed identity (no stored credentials at all) and handles the connection itself.
     
    MCP tools are also viable if you build a custom MCP server that wraps your target systems and handles auth internally.
     

     

    Best regards,

    Valantis
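
Added example, not code from any poster in this thread: a backend handler for the "Agent → Custom Connector → Azure Function → Key Vault" pattern in which the agent sends only a target system name, an allowlist maps it to a fixed secret name, the secret is cached briefly, and the JSON response never contains it. `ALLOWED_TARGETS`, `SecretBroker`, `handle_agent_request`, the secret names and the injected `get_secret` / `call_target` callables are assumptions made for illustration.

```python
import json
import time

# Constructed allowlist: target system -> Key Vault secret name (names are hypothetical).
ALLOWED_TARGETS = {
    "azure_devops": "ado-pat",
    "onedrive": "graph-client-secret",
}

class SecretBroker:
    """Resolves secrets for allowlisted targets only and caches them briefly."""

    def __init__(self, get_secret, ttl_seconds=300, clock=time.monotonic):
        # get_secret(name) -> str. In an Azure Function this would wrap
        # SecretClient(vault_url, DefaultAzureCredential()).get_secret(name).value
        self._get_secret = get_secret
        self._ttl = ttl_seconds
        self._clock = clock
        self._cache = {}  # secret name -> (value, expiry)

    def secret_for(self, target):
        # The caller never supplies a secret name, only a target key.
        name = ALLOWED_TARGETS.get(target)
        if name is None:
            raise PermissionError(f"target not allowlisted: {target!r}")
        value, expiry = self._cache.get(name, (None, 0.0))
        if value is None or self._clock() >= expiry:
            value = self._get_secret(name)
            self._cache[name] = (value, self._clock() + self._ttl)
        return value

def handle_agent_request(body, broker, call_target):
    """body: JSON string from the agent tool call, {"target": ..., "query": ...}.
    call_target(target, secret, query) -> list of dicts (hypothetical adapter)."""
    try:
        req = json.loads(body)
        target, query = req["target"], req["query"]
        secret = broker.secret_for(target)
    except (ValueError, KeyError, TypeError):
        return json.dumps({"ok": False, "error": "bad_request"})
    except PermissionError:
        return json.dumps({"ok": False, "error": "target_not_allowed"})
    items = call_target(target, secret, query)
    # Only normalized data goes back to the agent; the secret stays in this function.
    return json.dumps({"ok": True, "target": target, "items": items})
```

Because the mapping lives in the backend, a manipulated agent prompt can at most select one of the allowlisted targets; it cannot name an arbitrary secret in the vault.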

     

  • Haque

    Was following up - if you got your expected clue or not. If the answers were helpful, please mark the answer verified. Thanks.
  • Sajeda_Sultana

    Hi,

    Just following up to check if everything is working now. Let me know if you still need any help - I’m happy to assist.

    If the issue has been resolved, please consider marking the answer as solved so it can help others with a similar question.

    Thanks, and have a great day!
