Aembit, a specialist in identity and access management for non-human identities, announced on June 16, 2026, at the Identiverse conference in Las Vegas that its platform now integrates with Microsoft Copilot Studio. The move extends policy-based access controls to autonomous AI agents built on Microsoft’s low-code platform, addressing a critical gap in enterprise agentic AI security.

The announcement underscores a growing challenge: as AI agents become more autonomous—acting on behalf of users to access data, execute workflows, and make decisions—traditional identity systems designed for human users fall short. These “workload identities” require fine-grained, dynamic access management that can keep pace with their rapid, often unpredictable behavior.

“Agentic AI represents the next frontier of enterprise automation, but it also introduces novel security risks,” said David Goldschlag, CEO of Aembit, during the Identiverse session. “Without proper IAM, these agents can become over-privileged, leading to data breaches or compliance failures. Our integration with Copilot Studio ensures that every agent action is authenticated and authorized according to strict policies.”

The Rise of Agentic AI and the Identity Gap

Microsoft Copilot Studio, formerly known as Power Virtual Agents, allows organizations to build and deploy conversational AI agents without writing code. These agents can connect to a wide array of data sources and services, from SharePoint and Dynamics 365 to third-party APIs. Since its rebranding and integration with the Microsoft Copilot stack, the platform has seen rapid adoption. Microsoft reported that over 500,000 organizations had used Copilot Studio to create custom agents by mid-2026.

However, security has been a lingering concern. By default, Copilot Studio agents run under a user’s identity or a service principal, often with broad permissions. Without granular access controls, an agent might inadvertently access sensitive HR data or execute financial transactions beyond its intended scope. Aembit’s solution tackles this by shifting to a policy-based, least-privilege model specifically designed for non-human workloads.

How Aembit Works with Copilot Studio

Aembit’s platform operates as an identity fabric for workloads, spanning cloud services, APIs, databases, and now AI agent frameworks. It decouples access policies from static credentials, substituting them with ephemeral, just-in-time tokens that are scoped to the exact permissions an agent needs for a specific task.

When integrating with Copilot Studio, Aembit sits between the agent and the resources it accesses. Administrators define policies in Aembit’s console—for example, “An agent in the HR department can query the employee database for name and department only, never salary, and only during business hours.” The platform then enforces these policies without requiring changes to the agent’s code or the underlying infrastructure.

Key capabilities of the integration include:

  • Dynamic Credential Issuance: Instead of hard-coded API keys or service principal secrets, agents receive time-bound tokens from Aembit.
  • Context-Aware Authorization: Policies can incorporate real-time signals such as geolocation, risk score, or time of day, allowing organizations to adapt access dynamically.
  • Audit Trail for Agent Actions: Every access request is logged, providing visibility into what each agent did and when—critical for compliance with regulations like GDPR or SOC 2.
  • Support for Hybrid Environments: Aembit works not only with Azure but also with AWS, GCP, and on-premises systems, making it suitable for enterprises with multi-cloud strategies.

Technically, the integration leverages Copilot Studio’s extensibility points—such as custom connectors and Azure Bot Service—to inject Aembit’s proxy-based enforcement. Aembit’s sidecar or API gateway model inspects every outbound call the agent makes, applying the relevant policies in real time without adding latency, the company claims.

A Step Toward Secure Agentic Architectures

The announcement comes at a time when agentic AI—systems that can plan and execute multi-step tasks autonomously—is moving from research into production. Microsoft has embedded Copilot agents across its ecosystem, from Microsoft 365 to GitHub. Third-party tools like Copilot Studio democratize agent creation, but also multiply the attack surface.

“We’re giving business users the power to build agents, but without proper guardrails, that’s a recipe for disaster,” said Mary Campbell, an enterprise security architect and Microsoft MVP, in a recent interview. “Aembit’s approach is promising because it brings mature workload IAM concepts into the low-code world. It’s the kind of control that CISOs have been asking for.”

Aembit’s platform leverages industry standards such as OAuth 2.0, SPIFFE, and OpenID Connect, ensuring compatibility with existing identity systems like Azure Entra ID (formerly Azure AD). This means organizations can layer Aembit on top of their current infrastructure without a rip-and-replace approach.

Real-World Applications and Early Feedback

While the integration is newly announced, several early adopters have been testing it in beta. Aembit shared anonymized case studies at Identiverse. One large financial services company used Aembit to secure a fleet of Copilot Studio agents that processed customer loan applications. The agents needed access to credit bureau APIs, internal risk models, and document storage, but each access had to be tightly controlled. With Aembit, the company reduced the number of static credentials by 90% and passed a rigorous compliance audit with zero findings related to agent access.

Another beta user, a healthcare provider, built a Copilot Studio agent to assist doctors in retrieving patient histories from electronic health records. Using Aembit, they enforced that the agent could only view records for the specific patient being treated, and only during an active consultation session, based on signals from the scheduling system. This dynamic, contextual access was impossible with the native Copilot Studio permission model.

Market Context and Competitive Landscape

Aembit is not alone in addressing workload identity for AI. Competitors like Corsha, Astrix, and even cloud providers with native IAM tools are expanding into agentic AI. However, Aembit differentiates itself by focusing exclusively on non-human identity and offering a platform-agnostic solution that spans multiple AI agent frameworks, not just Copilot Studio. The company has integrations with LangChain, AutoGen, and custom agent builds.

At the same time, Microsoft is not standing still. Azure’s Managed Identities and Entra ID Conditional Access have added capabilities for service principals and managed identities, but they are still primarily designed for traditional services, not the interactive, iterative nature of AI agents. Aembit fills a niche by providing policy engines that understand the nuances of agentic workflows.

What This Means for Windows Enterprise Users

For the windowsnews.ai audience—IT professionals, developers, and Windows administrators—this integration signals a maturing ecosystem for AI agent security on Microsoft platforms. If your organization is experimenting with Copilot Studio or planning to deploy agents broadly, you now have a dedicated IAM layer that can enforce security policies consistently, regardless of where agents run or what they access.

Furthermore, as Windows 11 and future Windows releases become more deeply integrated with Copilot features, the need to secure agents that interact with local system resources, files, and applications will only grow. Aembit’s agent-first identity model could eventually extend to securing AI assistants that operate on the desktop, ensuring that even a Copilot agent embedded in Windows cannot tamper with protected files without explicit authorization.

Looking Ahead: The Road to Zero Trust for AI Agents

Aembit’s move into Copilot Studio is a stepping stone toward a broader vision of zero trust for agentic AI. The company plans to expand its policy coverage to other Microsoft Copilot extensions, such as Copilot for Microsoft 365 and Copilot in Dynamics 365. There are also hints of deeper integration with Azure Policy and Microsoft Purview for unified data governance.

As agentic AI systems gain more autonomy—some experts predict that by 2027, over half of enterprise workflows will involve agent-driven processes—the security industry must evolve rapidly. Identity will be the linchpin. “Without identity, you have no control,” said Goldschlag. “And with agents, identity is no longer just about who you are; it’s about what you’re allowed to do in this moment, under these conditions.”

For Windows administrators, the message is clear: start planning now for agentic identity management. Tools like Aembit are becoming essential infrastructure, not optional add-ons. And with Identiverse 2026 setting the stage, the conversation around agentic AI security is only just beginning.