Previously, an admin logged into the M365 Admin center must have the Global Admin privileges if they want to manage and perform admin tasks related to managing agents in the Integrated Apps Page. With this change the AI Admin Role can manage Agents ensuring they comply with organizational policies and security standards.
When this will happen:
General Availability (Worldwide): We will begin rolling out in late March 2025 and expect to complete by late March 2025.
How this will affect your organization:
AI Admins can now view agents submitted to the admin for approval under Requested Apps tab in the integrated apps page. From here they can choose to either publish it or reject it. When an agent is updated and sent to admin for approval, it also shows up under the requested apps tab with status as “Update Pending”. From here the admin can choose to either accept the update or reject it.
Following are the actions AI Admin Role can do –
- View 1st party, 3rd party, Line of Business agents.
- Publish/Reject
- Make agents available to all/specific/none users.
- Block/Unblock agents.
- Update tenant level settings for 1st party, 3rd party, Line of Business agents.
- Remove agents
Following are the actions AI Admin Role cannot do –
- Consent for permissions. This ensures that only authorized roles (Global Admin) can provide the necessary consent. This restriction is in place to maintain security protocols and compliance standards, minimizing the risk of accidental misconfigurations and cybersecurity threats.
What you need to do to prepare:
AI Admin Role can familiarize themselves with the integrated app page and work alongside the Global admins to manage agents which are published to the tenant by makers in the organization.