Control 4.13: Copilot Extensibility and Agent Operations Governance — Troubleshooting

Common issues and resolution steps for Copilot extensibility governance and agent operations.

Common Issues

Symptoms: Users can access and use Copilot plugins that are not on the approved list.
Root Cause: User consent settings may allow self-service consent, or the admin-approved plugin list is not enforced.
Resolution:
Navigate to Microsoft Entra admin center > Enterprise applications > Consent and permissions.
Set "Users can consent to apps" to No to require admin approval.
Review the Integrated Apps settings in the Microsoft 365 admin center for any overrides.
Audit the current plugin list and remove any unauthorized apps.
Communicate the approved plugin catalog to all Copilot users.

Symptoms: Plugin requests are stuck in the approval queue for extended periods, frustrating users.
Root Cause: Approval chain is too long, approvers are unavailable, or the volume of requests exceeds capacity.
Resolution:
Add backup approvers at each level of the approval chain.
Set auto-escalation rules for requests pending more than the SLA period (5 business days).
Create a fast-track process for plugins from Microsoft's verified catalog.
Pre-approve categories of low-risk plugins to reduce the review burden.

Symptoms: Agents appear in the Registry without an assigned owner or approval evidence.
Root Cause: Publishing or sharing occurred without the governance workflow being completed.
Resolution:
Review Agents > All agents / Registry.
Assign an owner where appropriate or block the agent.
Record remediation in the governance register.

Symptoms: Copilot surfaces sensitive information from a Graph connector that should not be accessible.
Root Cause: The Graph connector's access controls are insufficient, or the data was not properly classified before connection.
Resolution:
Immediately disable the Graph connector if sensitive data exposure is confirmed.
Conduct a data sensitivity assessment for the connector's content.
Apply access controls that restrict which users can access connector data through Copilot.
Apply sensitivity labels to connector content if supported.
Re-enable the connector only after appropriate controls are in place.

Symptoms: Permission audit reveals plugins with broader access than necessary (e.g., read-write access when read-only is sufficient).
Root Cause: Initial consent granted excessive permissions, or permissions were not reviewed during the approval process.
Resolution:
Review the permission audit report and identify over-privileged apps.
Revoke excessive permissions where possible without breaking functionality.
Work with plugin vendors to understand minimum required permissions.
Update the Plugin Risk Assessment template to include a permissions review step.
Implement a quarterly permissions review cycle.

Check user consent settings: Microsoft Entra admin center > Enterprise applications > Consent and permissions.
Review plugin catalog: Microsoft 365 admin center > Settings > Integrated apps.
Review agent inventory: Microsoft 365 admin center > Agents > All agents / Registry.
Audit app permissions: Run the permission audit script (Script 3 from PowerShell Setup).
Test user experience: Log in as a standard user and verify plugin and agent access restrictions.

Severity	Condition	Escalation Path
Critical	Unauthorized plugin exposing sensitive data	IT Security + Compliance — immediate remediation
High	Graph connector data exposure	IT Admin — disable connector + data classification
Medium	Plugin approval workflow delays	IT Management — process optimization
Low	Minor permission excess	Schedule for next quarterly review