![Manage agent permissions directly in Microsoft Admin Center (MAC) [MC1147969]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-wildlittlethingsphoto-4402092-1024x683.webp "Manage agent permissions directly in Microsoft Admin Center (MAC) [MC1147969] 1")
[Introduction]
The new Unified Permissions Management feature gives admins a consistent view of all required applications and delegated permissions, along with their associated risk levels. This enables clearer understanding of consents and supports more informed decision-making. From the Permissions tab, admins can now provide consent directly, and once granted by the Global Admin, the AI Admin Role can deploy agents.
This message is associated with Roadmap ID 502617.
[When this will happen:]
General Availability (Worldwide): Rollout will begin in mid-September 2025 and is expected to complete by late September 2025.
[How this affects your organization:]
Who is affected: Admins managing agent deployment and consent in Microsoft 365.
What will happen:
- Permissions are now surfaced earlier in the agent lifecycle, rather than being embedded in deployment steps—supporting informed decision-making.
- Admins can manage these permissions directly from the Microsoft Admin Center (MAC), reducing workflow interruptions and improving operational efficiency.
- The AI Admin Role can deploy agents once consent is granted by a Global Admin.
- Each permission will display a risk level to help assess impact.
- Automation scenarios will be available to streamline low-risk agent enablement.
[What you can do to prepare:]
- Provide consent from the Permissions tab: Admins will be able to grant consent directly from the Permissions tab. (ETA: End of September)
- Deploy and consent independently: The AI Admin Role will be able to deploy agents once consent is granted by a Global Admin. (ETA: End of September)
- Review risk levels per permission: Each permission will display a risk level to support informed decision-making. (ETA: October)
- Plan for rule-based automation: Automation scenarios will be available to streamline low-risk agent enablement. (ETA: November)
[Compliance considerations:]
| Compliance Consideration | Explanation |
|---|---|
| Does the change alter how existing customer data is processed, stored, or accessed? | Permissions and associated risk levels are now surfaced earlier in the agent lifecycle and made actionable from the MAC interface, which changes how consent and access to customer data are managed. |
| Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data? | The AI Admin Role can now deploy agents once consent is granted, introducing new agent deployment capabilities tied to customer data access. |
| Does the change include an admin control and, can it be controlled through Entra ID group membership? | Admins can grant consent directly from the Permissions Tab, and deployment is gated by Global Admin consent, which can be managed via Entra ID roles. |
Source: Microsoft
