![Introducing dynamic tool discovery for MCP-based agents and connectors in Microsoft 365 Copilot [MC1330889]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-noellegracephotos-906018-1024x683.webp "Introducing dynamic tool discovery for MCP-based agents and connectors in Microsoft 365 Copilot [MC1330889] 1")
[Introduction]
We’re excited to announce dynamic tool discovery, a new capability for declarative agents and federated Copilot connectors in Microsoft 365 Copilot that are built on the Model Context Protocol (MCP).
Today, when an MCP server is used by a declarative agent action or a federated Copilot connector, the tools it exposes are imported and packaged into the consuming agent or connector at publish time. Any change to that tool surface, such as adding a new tool, removing a deprecated one, or updating a tool’s schema or description, requires the agent or connector to be repackaged, re-validated, and republished before users see the change.
With dynamic tool discovery, the agent or connector resolves its available tools at runtime, directly from the MCP server. This lets users access the latest capabilities of an MCP server in near real time, without waiting on a republish cycle.
Dynamic tool discovery is starting with declarative agents (DAs) that use MCP server-based actions, and will soon be available for federated Copilot connectors (FCCs), including both Microsoft-published and custom connectors.
[When this will happen]
Rollout will happen in two waves:
– **Declarative agents (MCP server-based actions):** rollout is expected to complete by end of June 2026.
– **Federated Copilot connectors (Microsoft-published and custom):** rollout is expected in July 2026.
Public documentation will be updated around the same time.
[How this will affect your organization]
Who is affected?
Organizations with Microsoft 365 Copilot licenses where Microsoft-published declarative agents that use MCP server-based actions, or federated Copilot connectors, are enabled.
What will happen?
Microsoft-published declarative agents (and, in the next wave, federated Copilot connectors) that use MCP servers will begin resolving their tool list from the MCP server at runtime, instead of from the tool list captured at publish time. End users will see new tool capabilities surfaced shortly after the MCP server publishes them, and deprecated tools will be retired without waiting for a republish.
Admins will have the following transparency, governance, and audit capabilities through the Microsoft 365 admin center (MAC) and Microsoft Purview:
– **Identify agents and connectors that use dynamic tool discovery.** The agent or connector details view in MAC indicates whether dynamic tool discovery is in use. For agents and connectors that use dynamic discovery, the details view shows a placeholder explaining that the tool list is resolved at runtime, instead of enumerating a fixed tool list. *[Placeholder: confirm exact label and screenshot from the admin experience team.]*
– **Disable or scope an agent or connector.** There is no separate switch for the dynamic tool discovery capability itself. Admins use the existing per-agent or per-connector controls to disable a specific agent or connector, or to assign it to specific users or groups for staged availability. Enablement, scoping, and disablement work the same way regardless of whether dynamic or static tool discovery is in use.
– **Audit interactions in Microsoft Purview.** Interactions with agents and connectors that use dynamic tool discovery are recorded in the Microsoft Purview audit log under the `Copilot` workload, alongside interactions with any other declarative agent or federated Copilot connector. Admins can locate these records by filtering on `Workload = Copilot` in Purview audit search, and can identify the specific agent or connector using the `TargetAgentName` field in `CopilotEventData`.
Screenshot 1 – Identify agents and connectors with dynamic tool discovery in MAC:
[What you need to do to prepare]
– Review which Microsoft-published declarative agents and federated Copilot connectors in your tenant use MCP servers and will pick up dynamic tool discovery as part of this rollout.
– Use the agent or connector details view in the Microsoft 365 admin center to identify which ones use dynamic tool discovery.
– If a specific agent or connector does not align with your organizational policies, disable or scope it using existing per-agent or per-connector controls.
– Familiarize your compliance and security teams with locating relevant Purview audit records by filtering on `Workload = Copilot` and the `TargetAgentName` field.
– Review the public documentation for dynamic tool discovery when it is published.
[Compliance considerations]
This change does not introduce new customer data storage or modify existing Microsoft 365 compliance controls:
– No new customer data is stored by Microsoft.
– No changes to how existing customer data is processed or accessed.
– No new AI/ML interaction patterns with stored customer data.
– No impact to:
– Data Loss Prevention (DLP)
– Sensitivity labels
– Conditional Access
– Audit logging
– eDiscovery or Content Search
– Encryption or key management
– Retention or deletion workflows
– No changes to GDPR Data Subject Rights handling.
Newly discovered or modified tools are screened at runtime in accordance with Microsoft enterprise security and responsible AI standards before they are activated for end users. Tool changes that fail validation are blocked.
For Microsoft-published agents and connectors, the existing publisher attestation and Microsoft 365 certification model continues to apply at publish time, in addition to the runtime validation described above.
Source: Microsoft
Latest Posts
- Introducing dynamic tool discovery for MCP-based agents and connectors in Microsoft 365 Copilot [MC1330889]
- (Updated) Microsoft 365 Copilot: Turn Copilot Pages into SharePoint News posts [MC1239186]
- Microsoft Teams: Breakout rooms now supported in meetings with up to 1,000 attendees [MC1330891]
- Logs – New Turnstile Events Logpush dataset in Cloudflare Logs
