Copilot’s Data Blindness: The Custom Agent Fix

1
00:00:00,000 –> 00:00:01,680
You think Copilot knows your business.

2
00:00:01,680 –> 00:00:02,600
It doesn’t. It’s blind.

3
00:00:02,600 –> 00:00:04,600
It sees SharePoint headlines a few emailed

4
00:00:04,600 –> 00:00:07,360
stale teams chat, not the pipeline in Salesforce,

5
00:00:07,360 –> 00:00:08,640
not the outage in ServiceNow,

6
00:00:08,640 –> 00:00:10,000
not your proprietary API.

7
00:00:10,000 –> 00:00:11,120
That’s the fracture.

8
00:00:11,120 –> 00:00:11,960
Here’s the fix.

9
00:00:11,960 –> 00:00:14,120
We’ll build a custom agent that grounds itself

10
00:00:14,120 –> 00:00:15,320
on your real systems.

11
00:00:15,320 –> 00:00:18,760
Salesforce, ServiceNow, your internal rest API.

12
00:00:18,760 –> 00:00:22,440
Gov. auth-ordited actions, live inside Microsoft 365.

13
00:00:22,440 –> 00:00:24,280
By the end, you’ll have an enterprise-grade agent

14
00:00:24,280 –> 00:00:26,000
that actually sees and acts.

15
00:00:26,000 –> 00:00:29,000
No theater, real access, real control, stay.

16
00:00:29,000 –> 00:00:31,000
There’s one step most teams skip.

17
00:00:31,000 –> 00:00:33,240
It’s the difference between noise and truth.

18
00:00:33,240 –> 00:00:36,640
How Copilot sees and why it’s blind by default.

19
00:00:36,640 –> 00:00:38,680
They told you Copilot understands your work.

20
00:00:38,680 –> 00:00:40,960
The truth is simpler and harsher.

21
00:00:40,960 –> 00:00:43,280
Copilot sees what it’s grounded on.

22
00:00:43,280 –> 00:00:45,000
Nothing more, nothing less.

23
00:00:45,000 –> 00:00:49,960
Out of the box, its field of view is your Microsoft 365

24
00:00:49,960 –> 00:00:52,720
work graph, Outlook threads, teams chats, SharePoint

25
00:00:52,720 –> 00:00:55,560
and OneDrive files may be meeting transcripts useful,

26
00:00:55,560 –> 00:00:57,920
but narrow, a soft halo around your daily clicks.

27
00:00:57,920 –> 00:00:58,760
That’s it.

28
00:00:58,760 –> 00:00:59,800
Not see Salesforce.

29
00:00:59,800 –> 00:01:01,520
Not the account health you live and die by.

30
00:01:01,520 –> 00:01:02,800
It does not see ServiceNow.

31
00:01:02,800 –> 00:01:04,280
Not incident priority.

32
00:01:04,280 –> 00:01:05,600
Not breached SLAs.

33
00:01:05,600 –> 00:01:08,160
It does not see your internal system sitting behind a firewall

34
00:01:08,160 –> 00:01:09,480
and a custom schema.

35
00:01:09,480 –> 00:01:10,320
It can’t.

36
00:01:10,320 –> 00:01:11,080
There’s no access path.

37
00:01:11,080 –> 00:01:12,720
No token, no tool, no grounding.

38
00:01:12,720 –> 00:01:14,880
So it guesses, hallucinates or shrugs.

39
00:01:14,880 –> 00:01:16,440
That’s blindness.

40
00:01:16,440 –> 00:01:17,280
Why?

41
00:01:17,280 –> 00:01:18,400
Because identity and data aren’t magic.

42
00:01:18,400 –> 00:01:20,320
They’re pipes, tokens, policies.

43
00:01:20,320 –> 00:01:22,960
If you don’t wire an action path to an external system,

44
00:01:22,960 –> 00:01:24,440
Copilot can’t call it.

45
00:01:24,440 –> 00:01:26,040
If you don’t expose a knowledge source,

46
00:01:26,040 –> 00:01:27,280
Copilot can’t cite it.

47
00:01:27,280 –> 00:01:29,360
If you don’t define instructions with strict boundaries,

48
00:01:29,360 –> 00:01:31,720
Copilot fills the void with confidence and errors.

49
00:01:31,720 –> 00:01:32,520
You’ve seen it.

50
00:01:32,520 –> 00:01:34,040
Friendly, wrong.

51
00:01:34,040 –> 00:01:35,080
Now the good news.

52
00:01:35,080 –> 00:01:36,680
The blindness is optional.

53
00:01:36,680 –> 00:01:38,440
You give it eyes by adding two things.

54
00:01:38,440 –> 00:01:39,480
Knowledge and tools.

55
00:01:39,480 –> 00:01:40,440
Knowledge is grounding.

56
00:01:40,440 –> 00:01:42,720
Documents, sites, tables, the sources you trust.

57
00:01:42,720 –> 00:01:43,600
Add your website.

58
00:01:43,600 –> 00:01:44,600
Add a FAQ.

59
00:01:44,600 –> 00:01:46,680
Add a SharePoint library of SOPs.

60
00:01:46,680 –> 00:01:49,040
In Copilot Studio, you can also attach higher value

61
00:01:49,040 –> 00:01:51,160
enterprise sources and prioritize them.

62
00:01:51,160 –> 00:01:52,560
Studio respects the ranking.

63
00:01:52,560 –> 00:01:53,400
It’s sites.

64
00:01:53,400 –> 00:01:54,680
It stays inside the fence you draw.

65
00:01:54,680 –> 00:01:56,760
If you toggle web search off, it won’t wander.

66
00:01:56,760 –> 00:01:58,720
Control beats clever.

67
00:01:58,720 –> 00:02:02,800
Tools are actions, connectors, flows, APIs.

68
00:02:02,800 –> 00:02:04,920
When you add a tool, you define the verbs your agent

69
00:02:04,920 –> 00:02:05,880
can perform.

70
00:02:05,880 –> 00:02:07,400
Send an email through Outlook.

71
00:02:07,400 –> 00:02:09,240
Pull an opportunity from Salesforce.

72
00:02:09,240 –> 00:02:10,760
Read an incident from ServiceNow.

73
00:02:10,760 –> 00:02:13,680
Call your internal rest endpoint with specific parameters.

74
00:02:13,680 –> 00:02:16,600
Every tool runs under a governed identity.

75
00:02:16,600 –> 00:02:19,680
Your entra up, your scopes, your DLP, no token, no action,

76
00:02:19,680 –> 00:02:21,840
simple rule, critical safety.

77
00:02:21,840 –> 00:02:24,200
What about default Copilot in M365?

78
00:02:24,200 –> 00:02:26,920
It can summarize your word doc, draft or reply, service a file,

79
00:02:26,920 –> 00:02:29,520
but ask it, what’s the renewal risk on Acme?

80
00:02:29,520 –> 00:02:31,080
It searches the work graph.

81
00:02:31,080 –> 00:02:33,600
It finds nothing because the risk lives in Salesforce

82
00:02:33,600 –> 00:02:34,680
in a custom field.

83
00:02:34,680 –> 00:02:37,720
Behind OAuth, unknown, therefore invisible.

84
00:02:37,720 –> 00:02:40,080
Add a Salesforce tool to find the query.

85
00:02:40,080 –> 00:02:42,040
Map fields, constraints, scopes.

86
00:02:42,040 –> 00:02:44,080
Now ask again, it pulls the record.

87
00:02:44,080 –> 00:02:46,760
Grounds the answer, sites the source, no hallucination,

88
00:02:46,760 –> 00:02:49,760
just data, same with ServiceNow, same with your API.

89
00:02:49,760 –> 00:02:52,360
Vision appears the second you wire the access path

90
00:02:52,360 –> 00:02:54,040
and dies the second you remove it.

91
00:02:54,040 –> 00:02:56,160
If you remember nothing else, remember this.

92
00:02:56,160 –> 00:02:57,520
Copilot doesn’t know.

93
00:02:57,520 –> 00:02:58,240
It fetches.

94
00:02:58,240 –> 00:03:00,560
Through the paths you approve, you build the eyes,

95
00:03:00,560 –> 00:03:02,480
you own the site.

96
00:03:02,480 –> 00:03:06,360
Path one, Copilot Studio, declarative agents for makers

97
00:03:06,360 –> 00:03:07,480
and low-code teams.

98
00:03:07,480 –> 00:03:09,200
You don’t fix blindness with hope.

99
00:03:09,200 –> 00:03:10,280
You fix it with wiring.

100
00:03:10,280 –> 00:03:12,760
Studio gives you the wiring without drowning you in code.

101
00:03:12,760 –> 00:03:15,280
Declarative, fast, contained.

102
00:03:15,280 –> 00:03:18,000
Start inside Microsoft 365 Copilot,

103
00:03:18,000 –> 00:03:20,320
create agent, describe, keep it blunt.

104
00:03:20,320 –> 00:03:22,440
An internal agent that answers account health questions

105
00:03:22,440 –> 00:03:25,200
using Salesforce, incident status from ServiceNow

106
00:03:25,200 –> 00:03:28,160
and proprietary product limits from our internal API.

107
00:03:28,160 –> 00:03:30,720
Site sources, refusive data is missing,

108
00:03:30,720 –> 00:03:33,760
no external web, send, watch it, scuffle the shell, good.

109
00:03:33,760 –> 00:03:36,960
Now we harden it, switch to configure, identity first,

110
00:03:36,960 –> 00:03:39,520
name, icon, clear description, then the instructions.

111
00:03:39,520 –> 00:03:42,640
This is the handbook, plain, ruthless.

112
00:03:42,640 –> 00:03:44,720
Only answer using approved knowledge and tools

113
00:03:44,720 –> 00:03:47,040
always cite if a field is missing, say so.

114
00:03:47,040 –> 00:03:50,200
Never guess, escalate to support if confidence is low.

115
00:03:50,200 –> 00:03:53,680
Add fallback, when data is stale, ask to refresh.

116
00:03:53,680 –> 00:03:54,840
You’re not writing poetry.

117
00:03:54,840 –> 00:03:56,640
You’re building guardrails, knowledge next,

118
00:03:56,640 –> 00:04:00,000
grounding at SharePoint SOPs at your internal product FAQ.

119
00:04:00,000 –> 00:04:03,000
If you’ve got a public documentation site at that URL,

120
00:04:03,000 –> 00:04:05,320
then rank high priority for internal SOPs.

121
00:04:05,320 –> 00:04:07,680
Medium for the public docs, disable web search.

122
00:04:07,680 –> 00:04:10,080
You’re curating truth, not collecting trivia.

123
00:04:10,080 –> 00:04:12,400
Tools, this is where the blindness breaks.

124
00:04:12,400 –> 00:04:14,320
Click add tool, Salesforce first.

125
00:04:14,320 –> 00:04:16,560
Choose the Salesforce connector, authenticate

126
00:04:16,560 –> 00:04:18,000
with an approved Entra app.

127
00:04:18,000 –> 00:04:20,800
Scope it tight, read only, accounts opportunities,

128
00:04:20,800 –> 00:04:22,560
help score, answer and see nothing else.

129
00:04:22,560 –> 00:04:25,600
Studio will ask for inputs, define them explicitly.

130
00:04:25,600 –> 00:04:28,160
Account name, fields to return.

131
00:04:28,160 –> 00:04:31,240
Add constraints, account name must match an existing record.

132
00:04:31,240 –> 00:04:35,040
No wildcards, map outputs to clear names, renewal risk,

133
00:04:35,040 –> 00:04:39,240
ARR, next step, source link, describe when to use it.

134
00:04:39,240 –> 00:04:42,280
Invoke for questions about account health, renewal risk,

135
00:04:42,280 –> 00:04:44,600
ARR, owner or next steps.

136
00:04:44,600 –> 00:04:47,040
Service now next, connector, OAuth,

137
00:04:47,040 –> 00:04:51,280
least privilege, incidents read, CMDB, read if you needed.

138
00:04:51,280 –> 00:04:53,920
Inputs, incident number or account name.

139
00:04:53,920 –> 00:04:55,320
Guard the resolution path.

140
00:04:55,320 –> 00:04:58,280
If incident number not provided, search by account name

141
00:04:58,280 –> 00:04:59,280
with limit three.

142
00:04:59,280 –> 00:05:02,720
If multiple, ask the user to disambiguate.

143
00:05:02,720 –> 00:05:06,680
Outputs, priority, state aslastitis, open by updated on link.

144
00:05:06,680 –> 00:05:09,520
User drool, use when user asks about open incidents,

145
00:05:09,520 –> 00:05:11,560
breached SLAs or ticket status.

146
00:05:11,560 –> 00:05:13,200
Now the custom rest API.

147
00:05:13,200 –> 00:05:16,280
Your crown jewels, click add a custom connector if it exists.

148
00:05:16,280 –> 00:05:20,080
If not, select HTTP with Azure AD, provide the base URL.

149
00:05:20,080 –> 00:05:23,000
Scope the enter app to only the needed endpoint.

150
00:05:23,000 –> 00:05:30,720
Post, limits query, inputs, product ID, customer tier, validation.

151
00:05:30,720 –> 00:05:33,880
Reject calls if product ID not in a proof list.

152
00:05:33,880 –> 00:05:36,800
Outputs, max users, rate limit, notes.

153
00:05:36,800 –> 00:05:40,200
User drool, use for product limit, plan entitlements or compliance caps.

154
00:05:40,200 –> 00:05:44,040
This is the moment most teams skip, prioritization and conditions.

155
00:05:44,040 –> 00:05:45,800
Open tool orchestration.

156
00:05:45,800 –> 00:05:48,440
Tell the agent which tool wins when questions overlap.

157
00:05:48,440 –> 00:05:51,200
If the user mentions renewal, prefer Salesforce.

158
00:05:51,200 –> 00:05:54,520
If they mention ticket or priority, prefer service now.

159
00:05:54,520 –> 00:05:58,040
If they mention limit or entitlement, prefer internal API.

160
00:05:58,040 –> 00:05:59,320
Set a confidence floor.

161
00:05:59,320 –> 00:06:01,600
If retrieval returns null for a critical field,

162
00:06:01,600 –> 00:06:03,960
ask a clarifying question before answering.

163
00:06:03,960 –> 00:06:08,040
Test, write, pain, ask, what’s Acme’s renewal risk and open incidents.

164
00:06:08,040 –> 00:06:09,240
Watch the activity map.

165
00:06:09,240 –> 00:06:12,120
It should call Salesforce with account name A.Acme.

166
00:06:12,120 –> 00:06:14,600
Pull healthscore.co.nl/ next step.

167
00:06:14,600 –> 00:06:17,720
Then call service now with account name A.Acme return top incident.

168
00:06:17,720 –> 00:06:19,480
The response should braid both sources.

169
00:06:19,480 –> 00:06:22,760
Scythe both include direct links if it didn’t your tool conditions are wrong.

170
00:06:22,760 –> 00:06:23,560
Fix them now.

171
00:06:23,560 –> 00:06:26,840
Edge cases ask, what’s beta-co’s renewal risk?

172
00:06:26,840 –> 00:06:29,400
If beta-co doesn’t exist, it should refuse politely.

173
00:06:29,400 –> 00:06:31,400
I can’t find beta-co in Salesforce.

174
00:06:31,400 –> 00:06:33,000
Do you mean beta-copleted?

175
00:06:33,000 –> 00:06:34,360
That’s controlled failure.

176
00:06:34,360 –> 00:06:35,000
You want that?

177
00:06:35,000 –> 00:06:38,120
Ask, what are pro-plan API limits for product X?

178
00:06:38,120 –> 00:06:39,720
It should hit your internal API.

179
00:06:39,720 –> 00:06:41,960
Return max users, rate limit, no fluff.

180
00:06:41,960 –> 00:06:43,880
If the tier is unknown, it should ask for tier.

181
00:06:43,880 –> 00:06:49,160
No guessing, safety, turn on audit, studio logs, tool calls, inputs, outputs, latency.

182
00:06:49,160 –> 00:06:52,200
You’ll need that when someone asks why an answer was wrong.

183
00:06:52,200 –> 00:06:53,480
Configure DLP.

184
00:06:53,480 –> 00:06:58,360
If your tenant blocks external connectors for a department move this agent into an approved environment,

185
00:06:58,360 –> 00:06:59,080
don’t sneak it.

186
00:06:59,080 –> 00:07:00,600
It will get blocked mid demo.

187
00:07:00,600 –> 00:07:01,720
You know how that looks?

188
00:07:01,720 –> 00:07:02,440
Bad.

189
00:07:02,440 –> 00:07:03,240
Governance.

190
00:07:03,240 –> 00:07:05,400
Add instructions for PII handling.

191
00:07:05,400 –> 00:07:07,640
Never include full email addresses in responses.

192
00:07:07,640 –> 00:07:09,000
Mask to user at domain.

193
00:07:09,000 –> 00:07:10,280
Add a red team prompt.

194
00:07:10,280 –> 00:07:13,000
If a user asks you to bypass policy refuse.

195
00:07:13,000 –> 00:07:14,360
Add an escalation rule.

196
00:07:14,360 –> 00:07:17,400
If asked to change data, hand off to an owner.

197
00:07:17,400 –> 00:07:18,280
Do not write.

198
00:07:18,280 –> 00:07:19,480
If you need actions later,

199
00:07:19,480 –> 00:07:21,160
you’ll revise scopes and approvals.

200
00:07:21,160 –> 00:07:23,160
For now, read only is your friend.

201
00:07:23,160 –> 00:07:24,200
Performance.

202
00:07:24,200 –> 00:07:25,960
If answers feel slow, reduce fields.

203
00:07:25,960 –> 00:07:27,160
Don’t fetch everything.

204
00:07:27,160 –> 00:07:29,560
Define a minimal projection per tool.

205
00:07:29,560 –> 00:07:31,560
Cash is managed by the platform.

206
00:07:31,560 –> 00:07:33,080
Don’t assume persistence.

207
00:07:33,080 –> 00:07:36,520
Always designed for item-putent fresh reads, licensing reality.

208
00:07:36,520 –> 00:07:39,640
You’ll need co-pilot studio licensing for premium connectors.

209
00:07:39,640 –> 00:07:41,320
Agent execution uses credits.

210
00:07:41,320 –> 00:07:42,920
Connectors may require admin approval.

211
00:07:42,920 –> 00:07:45,000
Get that before you record your it works moment.

212
00:07:45,000 –> 00:07:46,360
Otherwise denial at runtime.

213
00:07:46,360 –> 00:07:47,080
Theater dies.

214
00:07:47,080 –> 00:07:47,560
Truth wins.

215
00:07:47,560 –> 00:07:48,200
Publish.

216
00:07:48,200 –> 00:07:49,480
Share to a pilot group.

217
00:07:49,480 –> 00:07:50,440
Product managers.

218
00:07:50,440 –> 00:07:51,240
Support leads.

219
00:07:51,240 –> 00:07:51,960
Sales ops.

220
00:07:51,960 –> 00:07:54,520
Provide sample prompts as suggested starters.

221
00:07:54,520 –> 00:07:56,680
What’s the renewal risk for Contoso?

222
00:07:56,680 –> 00:07:59,480
List open, save one incidents for North America.

223
00:07:59,480 –> 00:08:01,480
What’s the API limit for plan pro?

224
00:08:01,480 –> 00:08:02,360
Let them break it.

225
00:08:02,360 –> 00:08:03,640
Watch activity map.

226
00:08:03,640 –> 00:08:04,680
Patch instructions.

227
00:08:04,680 –> 00:08:06,040
Titan scopes.

228
00:08:06,040 –> 00:08:07,320
Now you’ve got eyes.

229
00:08:07,320 –> 00:08:08,520
Inside policy.

230
00:08:08,520 –> 00:08:09,560
Inside audit.

231
00:08:09,560 –> 00:08:10,840
Studio did the heavy lifting.

232
00:08:10,840 –> 00:08:11,800
You drew the lines.

233
00:08:11,800 –> 00:08:13,000
The agent obeys.

234
00:08:13,000 –> 00:08:13,960
Pass two.

235
00:08:13,960 –> 00:08:15,560
Teams toolkit for VS code.

236
00:08:15,560 –> 00:08:17,560
Pro, dev, custom agents and plugins.

237
00:08:17,560 –> 00:08:18,520
Studio gave you eyes.

238
00:08:18,520 –> 00:08:20,120
Toolkit gives you surgical hands.

239
00:08:20,120 –> 00:08:20,920
Full control.

240
00:08:20,920 –> 00:08:22,120
No guardrails you didn’t build.

241
00:08:22,120 –> 00:08:24,840
If studio is wiring, toolkit is the circuit board.

242
00:08:24,840 –> 00:08:25,880
Open VS code.

243
00:08:25,880 –> 00:08:27,160
Install teams toolkit.

244
00:08:27,160 –> 00:08:27,720
Quiet.

245
00:08:27,720 –> 00:08:28,600
No fanfare.

246
00:08:28,600 –> 00:08:30,360
Sign in with your tenant dev account.

247
00:08:30,360 –> 00:08:31,640
Not your prod identity.

248
00:08:31,640 –> 00:08:32,920
You already know why.

249
00:08:32,920 –> 00:08:34,200
Create a new project.

250
00:08:34,200 –> 00:08:35,800
Co-pilot plugin with API.

251
00:08:35,800 –> 00:08:38,040
This scaffolds a pro-dev agent capability

252
00:08:38,040 –> 00:08:39,400
for Microsoft 365.

253
00:08:39,400 –> 00:08:40,360
Co-pilot and teams.

254
00:08:40,360 –> 00:08:41,800
It’s not the chat app trope.

255
00:08:41,800 –> 00:08:42,600
It’s a skill.

256
00:08:42,600 –> 00:08:45,480
A tool with strict verbs, schemas and auth.

257
00:08:45,480 –> 00:08:47,400
The model calls your tool when your instructions

258
00:08:47,400 –> 00:08:48,600
and manifests say so.

259
00:08:48,600 –> 00:08:49,800
Precision over vibes.

260
00:08:49,800 –> 00:08:51,000
You’ll see three anchors.

261
00:08:51,000 –> 00:08:51,720
The manifest.

262
00:08:51,720 –> 00:08:53,880
The open API, AI plug-in spec.

263
00:08:53,880 –> 00:08:54,680
The function code.

264
00:08:54,680 –> 00:08:56,280
The manifest declares your capability.

265
00:08:56,280 –> 00:08:57,720
The spec defines your contract.

266
00:08:57,720 –> 00:08:59,960
The function executes with your identity.

267
00:08:59,960 –> 00:09:01,560
Not the model’s fantasy.

268
00:09:01,560 –> 00:09:03,160
Start with identity.

269
00:09:03,160 –> 00:09:05,000
Enter app registration.

270
00:09:05,000 –> 00:09:06,200
Least privilege.

271
00:09:06,200 –> 00:09:07,400
Create a new app.

272
00:09:07,400 –> 00:09:08,040
Name it.

273
00:09:08,040 –> 00:09:09,960
Agent sales force service now.

274
00:09:09,960 –> 00:09:10,920
API.

275
00:09:10,920 –> 00:09:13,640
Add two secrets if you must, but prefer certificate auth.

276
00:09:13,640 –> 00:09:16,120
Add application permissions to your internal API app ID

277
00:09:16,120 –> 00:09:18,280
or I. For sales force and service now,

278
00:09:18,280 –> 00:09:20,680
you’ll use delegated auth or service principles.

279
00:09:20,680 –> 00:09:22,040
We have secure client credentials

280
00:09:22,040 –> 00:09:23,160
flow behind your function.

281
00:09:23,160 –> 00:09:25,080
Never expose raw secrets to the model.

282
00:09:25,080 –> 00:09:25,960
Never.

283
00:09:25,960 –> 00:09:27,800
Back to toolkit, environment files,

284
00:09:27,800 –> 00:09:30,120
and the dev reference as your key vault.

285
00:09:30,120 –> 00:09:31,320
Don’t paste secrets.

286
00:09:31,320 –> 00:09:32,360
Point to secret ure.

287
00:09:32,360 –> 00:09:33,960
Use managed identity when you deploy

288
00:09:33,960 –> 00:09:35,880
to Azure Functions or Container Apps.

289
00:09:35,880 –> 00:09:38,840
Local dev can use developer CLI with federated credentials.

290
00:09:38,840 –> 00:09:39,880
No plain text.

291
00:09:39,880 –> 00:09:41,320
No excuses.

292
00:09:41,320 –> 00:09:43,320
Define the plug in spec.

293
00:09:43,320 –> 00:09:45,080
Open ap.adot.jamil.

294
00:09:45,080 –> 00:09:46,120
Keep it small.

295
00:09:46,120 –> 00:09:47,560
One path per verb.

296
00:09:47,560 –> 00:09:50,120
Salesforceopportunity.get

297
00:09:50,120 –> 00:09:52,440
Service now incident.get.

298
00:09:52,440 –> 00:09:54,040
Internal limits query.

299
00:09:54,040 –> 00:09:55,480
Document parameters.

300
00:09:55,480 –> 00:09:57,880
Account name, opportunity ID, incident number,

301
00:09:57,880 –> 00:09:59,720
product ID, customer tier,

302
00:09:59,720 –> 00:10:02,600
for each write crisp descriptions and constraints.

303
00:10:02,600 –> 00:10:03,640
Account name.

304
00:10:03,640 –> 00:10:05,160
Exact string match to account.

305
00:10:05,160 –> 00:10:05,800
Name.

306
00:10:05,800 –> 00:10:07,240
No wildcards.

307
00:10:07,240 –> 00:10:10,280
Incident number must match INC.paldi+

308
00:10:10,280 –> 00:10:11,800
Include response schemers.

309
00:10:11,800 –> 00:10:13,400
Never return raw records.

310
00:10:13,400 –> 00:10:15,000
Map to a minimal projection.

311
00:10:15,000 –> 00:10:17,480
ID name, status risk, next step link.

312
00:10:17,480 –> 00:10:18,760
The model understands shape and

313
00:10:18,760 –> 00:10:20,920
bigurity invites hallucination.

314
00:10:20,920 –> 00:10:22,120
Why are the handler?

315
00:10:22,120 –> 00:10:24,440
SRC functions opportunity.get.

316
00:10:24,440 –> 00:10:25,000
Tease.

317
00:10:25,000 –> 00:10:26,600
Use an HTTP trigger.

318
00:10:26,600 –> 00:10:28,120
Validate inputs first.

319
00:10:28,120 –> 00:10:29,800
Reject empty account name,

320
00:10:29,800 –> 00:10:32,600
normalize casing, log with correlation ID

321
00:10:32,600 –> 00:10:34,200
acquire token for Salesforce.

322
00:10:34,200 –> 00:10:36,920
Use on behalf of if the user is present in teams.

323
00:10:36,920 –> 00:10:38,840
Or use a service account with read only scope

324
00:10:38,840 –> 00:10:40,360
if this is a backend tool.

325
00:10:40,360 –> 00:10:42,360
Call Salesforce rest.

326
00:10:42,360 –> 00:10:45,080
Services data V59.

327
00:10:45,080 –> 00:10:46,920
Query, queue, select name,

328
00:10:46,920 –> 00:10:50,200
health score, DNC, ARR, GenC, renewal,

329
00:10:50,200 –> 00:10:53,240
risk, see, next step, LACE from

330
00:10:53,240 –> 00:10:55,160
opportunity, where account.

331
00:10:55,160 –> 00:10:56,520
Name, esode, account name,

332
00:10:56,520 –> 00:10:57,160
and is closed.

333
00:10:57,160 –> 00:10:59,640
It falls limit one time out at five seconds.

334
00:10:59,640 –> 00:11:00,600
Retrieves that.

335
00:11:00,600 –> 00:11:02,840
You want fast failure, not zombie weights.

336
00:11:02,840 –> 00:11:03,800
Transform the result.

337
00:11:03,800 –> 00:11:05,720
Map fields.

338
00:11:05,720 –> 00:11:07,640
Compute a simple risk label.

339
00:11:07,640 –> 00:11:09,560
High if health score, EOC.

340
00:11:09,560 –> 00:11:11,960
Four or renewal risks are also high,

341
00:11:11,960 –> 00:11:13,880
who include a deep link, HTTP.

342
00:11:13,880 –> 00:11:15,480
So slash your domain,

343
00:11:15,480 –> 00:11:17,320
lightning.force.com.

344
00:11:17,320 –> 00:11:18,280
Lightning.r.

345
00:11:18,280 –> 00:11:19,480
Opportunity.

346
00:11:19,480 –> 00:11:21,160
I’d view.

347
00:11:21,160 –> 00:11:22,760
Return JSON.

348
00:11:22,760 –> 00:11:24,200
Don’t editorialize.

349
00:11:24,200 –> 00:11:25,400
Don’t summarize.

350
00:11:25,400 –> 00:11:26,840
The model will handle language.

351
00:11:26,840 –> 00:11:28,040
You handle truth.

352
00:11:28,040 –> 00:11:29,240
Repeat for service now.

353
00:11:29,240 –> 00:11:30,520
Incident.get.ts.

354
00:11:30,520 –> 00:11:32,360
Validate incident number or fallback to

355
00:11:32,360 –> 00:11:34,280
account name search with limit three.

356
00:11:34,280 –> 00:11:38,040
If ambiguity, return choices with IDs and titles.

357
00:11:38,040 –> 00:11:40,120
Forced the model to ask the user to choose.

358
00:11:40,120 –> 00:11:41,160
No silent guesses.

359
00:11:41,160 –> 00:11:42,600
Query table API.

360
00:11:42,600 –> 00:11:44,520
API now table incident.

361
00:11:44,520 –> 00:11:45,160
Zeus palm.

362
00:11:45,160 –> 00:11:46,280
Galquery, push number.

363
00:11:46,280 –> 00:11:48,360
I and C as you 12345.

364
00:11:48,360 –> 00:11:49,080
CIS palm.

365
00:11:49,080 –> 00:11:49,800
Fields.

366
00:11:49,800 –> 00:11:50,920
Number priority.

367
00:11:50,920 –> 00:11:51,560
State.

368
00:11:51,560 –> 00:11:52,040
Short.

369
00:11:52,040 –> 00:11:52,760
Description.

370
00:11:52,760 –> 00:11:53,960
CIS updated on.

371
00:11:53,960 –> 00:11:54,440
CIS.

372
00:11:54,440 –> 00:11:55,240
Idtismap.

373
00:11:55,240 –> 00:11:57,160
State to a normalized enum.

374
00:11:57,160 –> 00:11:59,240
New in progress resolved.

375
00:11:59,240 –> 00:12:02,280
Derive SLL breach Boolean if needed from a second call.

376
00:12:02,280 –> 00:12:03,960
API now a table source task.

377
00:12:03,960 –> 00:12:05,400
Esla task.

378
00:12:05,400 –> 00:12:06,760
Keep it under two calls.

379
00:12:06,760 –> 00:12:08,680
Speed matters.

380
00:12:08,680 –> 00:12:10,840
Then the internal API.

381
00:12:10,840 –> 00:12:12,040
LimitSquery.ts.

382
00:12:12,040 –> 00:12:14,760
Acquired token for your API scope.

383
00:12:14,760 –> 00:12:18,040
Post limitSquery with product id and customer tier.

384
00:12:18,040 –> 00:12:21,240
Validate both against a local allow list cashed in config.

385
00:12:21,240 –> 00:12:22,840
Never let the model invent IDs.

386
00:12:22,840 –> 00:12:24,760
Return max users rate limit per minute.

387
00:12:24,760 –> 00:12:25,960
Notes linked to policy.

388
00:12:25,960 –> 00:12:28,280
If the API returns 404 propagated,

389
00:12:28,280 –> 00:12:31,400
the model should ask for a valid product that safe failure.

390
00:12:31,400 –> 00:12:32,360
Add policy.

391
00:12:32,360 –> 00:12:34,040
A thin guardrail middleware.

392
00:12:34,040 –> 00:12:37,080
If user context exists in force conditional access claims.

393
00:12:37,080 –> 00:12:40,600
If department alcohol sales and path starts with our sales force

394
00:12:40,600 –> 00:12:42,040
block with 403.

395
00:12:42,040 –> 00:12:46,760
If gosls.us and path exorcist CIS internal limits query and data

396
00:12:46,760 –> 00:12:50,120
residency is us only block return a clear short reason.

397
00:12:50,120 –> 00:12:51,720
The model can relay the denial.

398
00:12:51,720 –> 00:12:53,160
This is where governance meets code.

399
00:12:53,160 –> 00:12:54,200
They asked for control.

400
00:12:54,200 –> 00:12:55,560
You deliver it.

401
00:12:55,560 –> 00:12:56,840
Write unit tests.

402
00:12:56,840 –> 00:12:59,480
Just mock HTTP clients.

403
00:12:59,480 –> 00:13:00,760
Golden samples.

404
00:13:00,760 –> 00:13:02,040
One test per path.

405
00:13:02,040 –> 00:13:05,560
Success not found in valid input policy block timeout.

406
00:13:05,560 –> 00:13:07,000
CI runs them on every push.

407
00:13:07,000 –> 00:13:08,920
Toolkit integrates with GitHub actions.

408
00:13:08,920 –> 00:13:11,240
Add build, test, lint, deploy to dev.

409
00:13:11,240 –> 00:13:12,280
You’re not doing theater.

410
00:13:12,280 –> 00:13:14,040
You’re shipping controlled access.

411
00:13:14,040 –> 00:13:14,920
Local test.

412
00:13:14,920 –> 00:13:15,800
Teams toolkit.

413
00:13:15,800 –> 00:13:16,600
Preview in teams.

414
00:13:16,600 –> 00:13:17,240
Local.

415
00:13:17,240 –> 00:13:18,680
It spins up on Grog.

416
00:13:18,680 –> 00:13:19,880
Register your plugin.

417
00:13:19,880 –> 00:13:22,760
Open Microsoft 365 co-pilot in team sandbox.

418
00:13:22,760 –> 00:13:25,960
Ask what’s Acquired’s renewal risk and open incidents.

419
00:13:25,960 –> 00:13:27,000
The agent routes.

420
00:13:27,000 –> 00:13:28,520
It should call your opportunity get.

421
00:13:28,520 –> 00:13:31,320
Then incident get watch logs correlation it ties the chain.

422
00:13:31,320 –> 00:13:32,760
200 200.

423
00:13:32,760 –> 00:13:35,400
Response merges in the model layer with your JSON.

424
00:13:35,400 –> 00:13:37,080
It cites your tool by name.

425
00:13:37,080 –> 00:13:39,960
If it doesn’t, fix the manifest actions descriptions.

426
00:13:39,960 –> 00:13:41,080
The model needs the hint,

427
00:13:41,080 –> 00:13:43,240
Perfcheck if latency crosses three seconds,

428
00:13:43,240 –> 00:13:43,960
trim fields.

429
00:13:43,960 –> 00:13:45,400
Cash allow lists in memory.

430
00:13:45,400 –> 00:13:47,960
Prefer HTTP to keep TLS warm.

431
00:13:47,960 –> 00:13:50,280
Move to Azure Functions premium or container apps with

432
00:13:50,280 –> 00:13:51,480
my instances.

433
00:13:51,480 –> 00:13:52,680
Code starts are death.

434
00:13:52,680 –> 00:13:54,840
Set Function Timeout to 10 seconds max.

435
00:13:54,840 –> 00:13:55,560
Fail fast.

436
00:13:55,560 –> 00:13:56,520
Explain fast.

437
00:13:56,520 –> 00:13:57,240
Deploy.

438
00:13:57,240 –> 00:13:59,080
Teams toolkit provision to Azure.

439
00:13:59,080 –> 00:14:00,840
Port slot with managed identity.

440
00:14:00,840 –> 00:14:01,720
Bind Key Vault.

441
00:14:01,720 –> 00:14:04,040
Register the plugin in Teams admin center.

442
00:14:04,040 –> 00:14:05,480
Scope it to a security group.

443
00:14:05,480 –> 00:14:06,760
Pilot group only.

444
00:14:06,760 –> 00:14:07,880
Add monitoring.

445
00:14:07,880 –> 00:14:09,240
Application insights.

446
00:14:09,240 –> 00:14:10,520
Custom dimensions.

447
00:14:10,520 –> 00:14:11,640
User ED hashed.

448
00:14:11,640 –> 00:14:12,280
Tool name.

449
00:14:12,280 –> 00:14:12,920
Status code.

450
00:14:12,920 –> 00:14:14,040
Miss build dashboards.

451
00:14:14,040 –> 00:14:15,640
You’ll need them when leadership asks.

452
00:14:15,640 –> 00:14:16,760
Is it safe?

453
00:14:16,760 –> 00:14:18,360
You’ll point numbers don’t lie.

454
00:14:18,360 –> 00:14:20,200
Now pair it with your studio agent.

455
00:14:20,200 –> 00:14:21,880
Studio calls your plugin as a tool.

456
00:14:21,880 –> 00:14:22,760
You get best of both.

457
00:14:22,760 –> 00:14:24,040
The Clarity of Orchestration.

458
00:14:24,040 –> 00:14:25,000
ProDev Precision.

459
00:14:25,000 –> 00:14:25,880
Blindness removed.

460
00:14:25,880 –> 00:14:26,840
Access contained.

461
00:14:26,840 –> 00:14:27,800
Audited whisper it.

462
00:14:27,800 –> 00:14:28,440
Control.

463
00:14:28,440 –> 00:14:31,800
Head to head demo studio versus toolkit on the same use case.

464
00:14:31,800 –> 00:14:32,920
Same question.

465
00:14:32,920 –> 00:14:33,800
Two parts.

466
00:14:33,800 –> 00:14:35,560
Watch the divergence.

467
00:14:35,560 –> 00:14:37,080
Prompt in studio.

468
00:14:37,080 –> 00:14:39,800
What’s AgMee’s renewal risk and any open savvy one

469
00:14:39,800 –> 00:14:42,440
incidents also confirm API limits for product X

470
00:14:42,440 –> 00:14:43,320
Pro tier.

471
00:14:43,320 –> 00:14:44,760
The agent reads the instructions.

472
00:14:44,760 –> 00:14:47,240
Picks tools based on your orchestration rules.

473
00:14:47,240 –> 00:14:48,120
First call.

474
00:14:48,120 –> 00:14:48,760
Sales force.

475
00:14:48,760 –> 00:14:50,840
Inputs show in the activity map.

476
00:14:50,840 –> 00:14:51,560
Account name.

477
00:14:51,560 –> 00:14:52,600
AgMee.

478
00:14:52,600 –> 00:14:53,240
Fields.

479
00:14:53,240 –> 00:14:54,600
Health score time to see.

480
00:14:54,600 –> 00:14:55,800
AR RNC.

481
00:14:55,800 –> 00:14:57,240
Renewal risk.c.

482
00:14:57,240 –> 00:14:58,360
Next step.c.

483
00:14:58,360 –> 00:15:00,760
Read only scope 500 millisecond round trip.

484
00:15:00,760 –> 00:15:02,120
It returns a clean object.

485
00:15:02,120 –> 00:15:03,240
Studio labels it.

486
00:15:03,240 –> 00:15:04,840
Sites sales force.

487
00:15:04,840 –> 00:15:05,560
Second call.

488
00:15:05,560 –> 00:15:06,440
Service now.

489
00:15:06,440 –> 00:15:07,000
Account name.

490
00:15:07,000 –> 00:15:07,560
AgMee.

491
00:15:07,560 –> 00:15:08,360
Limit three.

492
00:15:08,360 –> 00:15:09,400
It finds two incidents.

493
00:15:09,400 –> 00:15:10,440
Ambiguity.

494
00:15:10,440 –> 00:15:12,200
Your rule forces a clarifying question.

495
00:15:12,200 –> 00:15:16,440
Did you mean INC 01245 or INC 01301?

496
00:15:16,440 –> 00:15:18,920
You pick INC 01301.

497
00:15:18,920 –> 00:15:19,560
Priority.

498
00:15:19,560 –> 00:15:20,120
One.

499
00:15:20,120 –> 00:15:20,600
State.

500
00:15:20,600 –> 00:15:21,400
In progress.

501
00:15:21,400 –> 00:15:22,360
SLA status.

502
00:15:22,360 –> 00:15:23,000
Breached.

503
00:15:23,000 –> 00:15:23,480
Studio.

504
00:15:23,480 –> 00:15:25,320
Brades the answer with both citations

505
00:15:25,320 –> 00:15:26,280
and direct links.

506
00:15:26,280 –> 00:15:27,240
No editorializing.

507
00:15:27,240 –> 00:15:28,200
Just what you told it.

508
00:15:28,200 –> 00:15:28,680
Third call.

509
00:15:28,680 –> 00:15:29,800
Internal API.

510
00:15:29,800 –> 00:15:30,440
Product ID.

511
00:15:30,440 –> 00:15:31,320
ProDxCustomer.

512
00:15:31,320 –> 00:15:32,040
ProDx.

513
00:15:32,040 –> 00:15:33,320
It returns max users.

514
00:15:33,320 –> 00:15:33,960
100.

515
00:15:33,960 –> 00:15:34,920
Rate limit per minute.

516
00:15:34,920 –> 00:15:35,800
600 nodes.

517
00:15:35,800 –> 00:15:36,600
Burst to 900.

518
00:15:36,600 –> 00:15:37,240
With approval.

519
00:15:37,240 –> 00:15:38,440
Policy link provided.

520
00:15:38,440 –> 00:15:39,720
Studio stitches it at the end.

521
00:15:39,720 –> 00:15:41,000
All three sources ranked.

522
00:15:41,000 –> 00:15:42,920
If any field was now it calls that out.

523
00:15:42,920 –> 00:15:44,600
You build that fail-loud behavior.

524
00:15:44,600 –> 00:15:45,560
It obeys.

525
00:15:45,560 –> 00:15:48,120
Latency total about two seconds with healthy backends.

526
00:15:48,120 –> 00:15:49,160
You never touched code.

527
00:15:49,160 –> 00:15:50,280
You defined verbs.

528
00:15:50,280 –> 00:15:51,320
Inputs outputs.

529
00:15:51,320 –> 00:15:51,880
Priority.

530
00:15:51,880 –> 00:15:53,240
The model handled language.

531
00:15:53,240 –> 00:15:54,760
Studio handled wiring.

532
00:15:54,760 –> 00:15:56,920
Identity stayed inside your tenant guardrails.

533
00:15:56,920 –> 00:15:58,520
Audit captured every call.

534
00:15:58,520 –> 00:16:00,200
Now the same request to Toolkit.

535
00:16:00,200 –> 00:16:02,600
You’re in Teams co-pilot with your plug and registered.

536
00:16:02,600 –> 00:16:04,520
The model reads your manifest inspect.

537
00:16:04,520 –> 00:16:06,200
It decides your tools match the intent.

538
00:16:06,200 –> 00:16:07,240
It calls opportunity.

539
00:16:07,240 –> 00:16:08,120
Get with account name.

540
00:16:08,120 –> 00:16:08,760
Acme.

541
00:16:08,760 –> 00:16:10,200
Your function validates input.

542
00:16:10,200 –> 00:16:11,640
LogScorrelation ID.

543
00:16:11,640 –> 00:16:13,080
Gets it token.

544
00:16:13,080 –> 00:16:15,640
Runs the SOical query with a strict projection.

545
00:16:15,640 –> 00:16:16,200
Returns.

546
00:16:16,200 –> 00:16:16,600
Jason.

547
00:16:16,600 –> 00:16:17,080
A risk.

548
00:16:17,080 –> 00:16:17,480
High.

549
00:16:17,480 –> 00:16:18,360
Health score.

550
00:16:18,360 –> 00:16:19,320
36.

551
00:16:19,320 –> 00:16:20,040
AR.

552
00:16:20,040 –> 00:16:21,080
1.26.

553
00:16:21,080 –> 00:16:21,960
Next step.

554
00:16:21,960 –> 00:16:22,520
Exec.

555
00:16:22,520 –> 00:16:23,080
QBR.

556
00:16:23,080 –> 00:16:23,880
615.

557
00:16:23,880 –> 00:16:24,840
Link on.

558
00:16:24,840 –> 00:16:26,760
The model renders it in plain English.

559
00:16:26,760 –> 00:16:28,360
It cites your tool by name.

560
00:16:28,360 –> 00:16:30,040
Next, it calls incident get.

561
00:16:30,040 –> 00:16:32,520
You accept either incident number or account name.

562
00:16:32,520 –> 00:16:33,320
It got account name.

563
00:16:33,320 –> 00:16:35,880
You return two candidates because ambiguity is dangerous.

564
00:16:35,880 –> 00:16:37,480
The model asks the user to choose.

565
00:16:37,480 –> 00:16:38,600
You receive INC.

566
00:16:38,600 –> 00:16:39,720
0.013.

567
00:16:39,720 –> 00:16:40,120
0.1.

568
00:16:40,120 –> 00:16:41,000
You query.

569
00:16:41,000 –> 00:16:41,720
Map state.

570
00:16:41,720 –> 00:16:42,520
Compute breached.

571
00:16:42,520 –> 00:16:43,160
True.

572
00:16:43,160 –> 00:16:45,080
Return a normalized incident object.

573
00:16:45,080 –> 00:16:46,200
Again, the model narrates.

574
00:16:46,200 –> 00:16:47,320
It cites the tool.

575
00:16:47,320 –> 00:16:48,440
Then limits query.

576
00:16:48,440 –> 00:16:49,080
Product ID.

577
00:16:49,080 –> 00:16:49,400
Pro.

578
00:16:49,400 –> 00:16:49,880
X.

579
00:16:49,880 –> 00:16:50,600
Customer tier.

580
00:16:50,600 –> 00:16:51,240
Pro.

581
00:16:51,240 –> 00:16:53,480
Your handler checks both against an allow list.

582
00:16:53,480 –> 00:16:54,200
Valid.

583
00:16:54,200 –> 00:16:56,120
Your query an API scope token.

584
00:16:56,120 –> 00:16:56,760
Post.

585
00:16:56,760 –> 00:16:57,480
Transform.

586
00:16:57,480 –> 00:16:58,920
Return the minimal policy.

587
00:16:58,920 –> 00:16:59,720
Max users.

588
00:16:59,720 –> 00:17:00,680
Rate limit per minute.

589
00:17:00,680 –> 00:17:02,120
Burst policy policy link.

590
00:17:02,120 –> 00:17:03,320
The model presents it.

591
00:17:03,320 –> 00:17:04,520
One paragraph.

592
00:17:04,520 –> 00:17:05,800
Three citations.

593
00:17:05,800 –> 00:17:07,080
Consistent shape.

594
00:17:07,080 –> 00:17:08,040
What changed?

595
00:17:08,040 –> 00:17:09,240
Control.

596
00:17:09,240 –> 00:17:11,080
With studio you moved knobs.

597
00:17:11,080 –> 00:17:12,760
With toolkit you wired the board.

598
00:17:12,760 –> 00:17:14,360
You wrote the input validation.

599
00:17:14,360 –> 00:17:15,480
You chose the projection.

600
00:17:15,480 –> 00:17:16,920
You enforced policy in code.

601
00:17:16,920 –> 00:17:18,120
Performance is tighter.

602
00:17:18,120 –> 00:17:20,040
Error messages are yours not generic.

603
00:17:20,040 –> 00:17:21,480
You can add custom caching.

604
00:17:21,480 –> 00:17:22,760
Retrize circuit breakers.

605
00:17:22,760 –> 00:17:25,160
You can add per department deny rules in middleware.

606
00:17:25,160 –> 00:17:26,120
You own the latency.

607
00:17:26,120 –> 00:17:27,400
You own the blast radius.

608
00:17:27,400 –> 00:17:28,600
And here’s the hinge.

609
00:17:28,600 –> 00:17:30,280
Studio and toolkit aren’t rivals.

610
00:17:30,280 –> 00:17:32,520
Their layers let the studio agent orchestrate.

611
00:17:32,520 –> 00:17:34,360
Let your toolkit plug in execute.

612
00:17:34,360 –> 00:17:35,720
Studio roots the question.

613
00:17:35,720 –> 00:17:37,560
Toolkit tools deliver the truth.

614
00:17:37,560 –> 00:17:38,440
One brain.

615
00:17:38,440 –> 00:17:39,400
Many hands.

616
00:17:39,400 –> 00:17:40,840
Side with precision.

617
00:17:40,840 –> 00:17:43,240
Where most teams fail, they stop at studio.

618
00:17:43,240 –> 00:17:44,280
Or they stop at toolkit.

619
00:17:44,280 –> 00:17:45,240
They don’t pair them.

620
00:17:45,240 –> 00:17:47,160
They accept blindness or accept chaos.

621
00:17:47,160 –> 00:17:47,720
Don’t.

622
00:17:47,720 –> 00:17:50,200
Use studio for fast orchestration and governance.

623
00:17:50,200 –> 00:17:52,680
Use toolkit for hard edges, identity and shape.

624
00:17:52,680 –> 00:17:54,360
Together the model can’t wander.

625
00:17:54,360 –> 00:17:56,360
It can only act where you’ve drawn the map.

626
00:17:56,360 –> 00:17:57,400
Ask the question again.

627
00:17:57,400 –> 00:17:58,360
The answers match.

628
00:17:58,360 –> 00:18:01,960
Same risk, same incident, same limits, two stacks, one outcome.

629
00:18:01,960 –> 00:18:02,680
That’s not luck.

630
00:18:02,680 –> 00:18:03,560
That’s design.

631
00:18:03,560 –> 00:18:05,560
Enterprise constraints you can’t ignore.

632
00:18:05,560 –> 00:18:07,080
This is where your demo dies.

633
00:18:07,080 –> 00:18:07,800
Or lives.

634
00:18:07,800 –> 00:18:09,640
Because the enterprise doesn’t care about clever.

635
00:18:09,640 –> 00:18:10,760
It cares about control.

636
00:18:10,760 –> 00:18:11,640
Licensing first.

637
00:18:11,640 –> 00:18:13,880
You need co-pilot for Microsoft 365

638
00:18:13,880 –> 00:18:16,120
for users to even see co-pilot inside teams.

639
00:18:16,120 –> 00:18:17,000
Word outlook.

640
00:18:17,000 –> 00:18:18,920
You need co-pilot studio licensing for agents

641
00:18:18,920 –> 00:18:19,960
and premium connectors.

642
00:18:19,960 –> 00:18:21,480
Execution uses credits.

643
00:18:21,480 –> 00:18:23,560
Salesforce and service now are premium.

644
00:18:23,560 –> 00:18:25,240
If your tenant doesn’t have approvals,

645
00:18:25,240 –> 00:18:26,840
your calls will fail at runtime.

646
00:18:26,840 –> 00:18:27,720
Plan the licenses.

647
00:18:27,720 –> 00:18:30,200
Get admin approval for connectors before you press record.

648
00:18:30,200 –> 00:18:31,480
Admin approvals.

649
00:18:31,480 –> 00:18:32,200
Two gates.

650
00:18:32,200 –> 00:18:34,280
Entra ID for app permissions.

651
00:18:34,280 –> 00:18:36,040
Power platform for connector consent.

652
00:18:36,040 –> 00:18:38,360
Your Salesforce connector needs an OAuth app

653
00:18:38,360 –> 00:18:40,440
approved by the Salesforce admin.

654
00:18:40,440 –> 00:18:43,240
Your service now connector needs a per instance client.

655
00:18:43,240 –> 00:18:46,440
Your internal API needs an entra app with the right scopes.

656
00:18:46,440 –> 00:18:49,400
If you try to add a tool without tenant admin approval,

657
00:18:49,400 –> 00:18:51,080
studio hides it or blocks it.

658
00:18:51,080 –> 00:18:51,880
That’s not a bug.

659
00:18:51,880 –> 00:18:54,040
That’s boundary, tenant security and DLP.

660
00:18:54,040 –> 00:18:57,240
Many orgs block external connectors in default environments.

661
00:18:57,240 –> 00:18:58,680
If you build in the wrong environment,

662
00:18:58,680 –> 00:19:00,440
DLP will silently neuter your agent.

663
00:19:00,440 –> 00:19:03,240
Place the agent in an environment classified as business.

664
00:19:03,240 –> 00:19:05,320
Put your connectors in the same DLP data group.

665
00:19:05,320 –> 00:19:07,960
If marketing and finance can’t mix data,

666
00:19:07,960 –> 00:19:10,200
you can’t road answers across both.

667
00:19:10,200 –> 00:19:13,160
Respect the policy or you’ll see action blocked by DLP.

668
00:19:13,160 –> 00:19:14,280
Not a mystery, a rule.

669
00:19:14,280 –> 00:19:16,120
Conditional access agents are just apps.

670
00:19:16,120 –> 00:19:17,800
CA policies apply.

671
00:19:17,800 –> 00:19:19,160
If your agent calls the plugin

672
00:19:19,160 –> 00:19:21,960
that hits Salesforce and the user is on an unmanaged device,

673
00:19:21,960 –> 00:19:23,880
your on behalf of Flow may be blocked.

674
00:19:23,880 –> 00:19:24,920
Design fallbacks.

675
00:19:24,920 –> 00:19:26,600
If CA denies OBO,

676
00:19:26,600 –> 00:19:28,280
have your function use a service account

677
00:19:28,280 –> 00:19:30,280
with read-only scope for non-sensitive reads

678
00:19:30,280 –> 00:19:31,560
or fail with a clear message.

679
00:19:31,560 –> 00:19:33,800
Access blocked by policy.

680
00:19:33,800 –> 00:19:35,160
Use a managed device.

681
00:19:35,160 –> 00:19:35,800
Don’t leak.

682
00:19:35,800 –> 00:19:36,840
Don’t bypass.

683
00:19:36,840 –> 00:19:37,960
Data residency.

684
00:19:37,960 –> 00:19:39,400
Where does grounding live?

685
00:19:39,400 –> 00:19:41,000
Studio stores agent configuration

686
00:19:41,000 –> 00:19:43,240
and knowledge indexing in your selected region.

687
00:19:43,240 –> 00:19:45,960
If your internal API serves US only data

688
00:19:45,960 –> 00:19:48,440
and your user is in EU, don’t route it.

689
00:19:48,440 –> 00:19:50,760
Add geo checks in your toolkit middleware.

690
00:19:50,760 –> 00:19:51,960
Block if user geo.

691
00:19:51,960 –> 00:19:52,680
X allowed.

692
00:19:52,680 –> 00:19:54,040
Return a short denial reason.

693
00:19:54,040 –> 00:19:54,440
Log it.

694
00:19:54,440 –> 00:19:55,480
You’ll need that for audit.

695
00:19:55,480 –> 00:19:56,760
Permissions boundaries.

696
00:19:56,760 –> 00:19:58,520
Least privileged by default.

697
00:19:58,520 –> 00:20:00,920
Your Salesforce scopes should be read only for accounts

698
00:20:00,920 –> 00:20:02,120
and opportunities.

699
00:20:02,120 –> 00:20:03,080
No wildcards.

700
00:20:03,080 –> 00:20:04,920
Your service now role should read incidents

701
00:20:04,920 –> 00:20:06,680
and if required task SLA.

702
00:20:06,680 –> 00:20:07,640
Don’t add update.

703
00:20:07,640 –> 00:20:09,640
You will be asked to just fix a ticket.

704
00:20:09,640 –> 00:20:10,280
Don’t.

705
00:20:10,280 –> 00:20:11,560
Keep action separate.

706
00:20:11,560 –> 00:20:13,160
Add right verbs only when governance

707
00:20:13,160 –> 00:20:14,520
and approvals exist.

708
00:20:14,520 –> 00:20:16,520
Otherwise one prompt turns into a record change

709
00:20:16,520 –> 00:20:17,640
with no change control.

710
00:20:17,640 –> 00:20:19,640
That’s breach bait environments.

711
00:20:19,640 –> 00:20:20,680
Dev test.

712
00:20:20,680 –> 00:20:21,160
Prod.

713
00:20:21,160 –> 00:20:21,880
Don’t skip them.

714
00:20:21,880 –> 00:20:25,080
Studio agents belong in a managed environment with ALM.

715
00:20:25,080 –> 00:20:26,120
Export import.

716
00:20:26,120 –> 00:20:27,320
Use solutions.

717
00:20:27,320 –> 00:20:29,160
Toolkit plugins deploy to dev subscription.

718
00:20:29,160 –> 00:20:29,880
Then test.

719
00:20:29,880 –> 00:20:30,680
Then prod.

720
00:20:30,680 –> 00:20:33,000
Use separate entra apps and key vaults per stage.

721
00:20:33,000 –> 00:20:34,680
Feature flags per environment.

722
00:20:34,680 –> 00:20:36,120
Turn on only what you need.

723
00:20:36,120 –> 00:20:37,640
Your future self will thank you.

724
00:20:37,640 –> 00:20:38,600
Logging and audit.

725
00:20:38,600 –> 00:20:40,840
Turn on application insights for toolkit.

726
00:20:40,840 –> 00:20:43,240
Inject correlation it from the model call into logs.

727
00:20:43,240 –> 00:20:44,680
Log input shape not PI.

728
00:20:44,680 –> 00:20:46,120
Log outbound domains.

729
00:20:46,120 –> 00:20:46,920
Status codes.

730
00:20:46,920 –> 00:20:47,720
Latency.

731
00:20:47,720 –> 00:20:50,600
For studio watch activity map and export analytics.

732
00:20:50,600 –> 00:20:52,360
You need a story when someone asks

733
00:20:52,360 –> 00:20:55,080
who saw what when without logs it’s vibes.

734
00:20:55,080 –> 00:20:57,480
With logs it’s truth monitoring and SLOs.

735
00:20:57,480 –> 00:20:58,520
Set alerts.

736
00:20:58,520 –> 00:21:02,280
If sales force tool errors 2% in 5 minutes page the owner.

737
00:21:02,280 –> 00:21:05,560
If latency crosses 3 seconds P95 degrade gracefully.

738
00:21:05,560 –> 00:21:06,360
Trim fields.

739
00:21:06,360 –> 00:21:08,440
Tell the user you’re fetching a minimal view.

740
00:21:08,440 –> 00:21:09,160
Don’t freeze.

741
00:21:09,160 –> 00:21:10,520
Don’t pretend.

742
00:21:10,520 –> 00:21:11,400
Governance.

743
00:21:11,400 –> 00:21:12,360
Write the policy.

744
00:21:12,360 –> 00:21:13,800
PII masking.

745
00:21:13,800 –> 00:21:16,040
Mask emails to UCAD domain.

746
00:21:16,040 –> 00:21:17,400
Refuse exfiltration.

747
00:21:17,400 –> 00:21:19,880
Don’t paste raw data to external channels.

748
00:21:19,880 –> 00:21:20,920
Read to your agent.

749
00:21:20,920 –> 00:21:22,440
Prompt it to bypass rules.

750
00:21:22,440 –> 00:21:24,600
If it tries, tighten instructions or middleware.

751
00:21:24,600 –> 00:21:25,640
You’re not paranoid.

752
00:21:25,640 –> 00:21:27,000
You’re prepared.

753
00:21:27,000 –> 00:21:28,280
One more constraint.

754
00:21:28,280 –> 00:21:28,920
Humans.

755
00:21:28,920 –> 00:21:29,960
Train your users.

756
00:21:29,960 –> 00:21:31,880
Suggested prompts aren’t decoration.

757
00:21:31,880 –> 00:21:32,920
They’re on ramps.

758
00:21:32,920 –> 00:21:34,440
Show them what the agent knows.

759
00:21:34,440 –> 00:21:35,320
What it refuses.

760
00:21:35,320 –> 00:21:36,040
What it logs.

761
00:21:36,040 –> 00:21:36,920
Set expectations.

762
00:21:36,920 –> 00:21:38,120
You reduce shadow prompts.

763
00:21:38,120 –> 00:21:39,160
You reduce risk.

764
00:21:39,160 –> 00:21:41,480
Ignore any of this and the system will ignore you.

765
00:21:41,480 –> 00:21:45,400
Respect it and your agent will survive first contact with the enterprise.

766
00:21:45,400 –> 00:21:48,440
Build along your first enterprise agent in co-pilot studio.

767
00:21:48,440 –> 00:21:49,480
Step by step.

768
00:21:49,480 –> 00:21:52,200
Open Microsoft 365 co-pilot.

769
00:21:52,200 –> 00:21:53,320
Create agent.

770
00:21:53,320 –> 00:21:54,920
Describe it bluntly.

771
00:21:54,920 –> 00:21:58,120
Internal agent for account health and incident status.

772
00:21:58,120 –> 00:21:58,760
Sources.

773
00:21:58,760 –> 00:21:59,560
Salesforce.

774
00:21:59,560 –> 00:22:01,400
Service now internal limits API.

775
00:22:01,400 –> 00:22:02,040
Site.

776
00:22:02,040 –> 00:22:03,320
Refuse when data is missing.

777
00:22:03,320 –> 00:22:04,120
No web.

778
00:22:04,120 –> 00:22:05,320
Send switch to configure.

779
00:22:05,320 –> 00:22:05,880
Name it.

780
00:22:05,880 –> 00:22:06,760
Set the icon.

781
00:22:06,760 –> 00:22:07,960
Now the handbook.

782
00:22:07,960 –> 00:22:09,880
In instructions paste clear rules.

783
00:22:09,880 –> 00:22:11,800
Only use approved knowledge and tools.

784
00:22:11,800 –> 00:22:12,760
Always site.

785
00:22:12,760 –> 00:22:15,000
Ask clarifying questions on ambiguity.

786
00:22:15,000 –> 00:22:16,040
Never guess.

787
00:22:16,040 –> 00:22:17,240
Mask PII.

788
00:22:17,240 –> 00:22:19,000
Refuse policy bypass.

789
00:22:19,000 –> 00:22:21,240
Knowledge at your SharePoint SOP library.

790
00:22:21,240 –> 00:22:22,920
Add your internal product FAQ.

791
00:22:22,920 –> 00:22:24,840
Rank SOP’s first FAQ second.

792
00:22:24,840 –> 00:22:26,600
Turn web search of tools.

793
00:22:26,600 –> 00:22:28,120
Add salesforce connector.

794
00:22:28,120 –> 00:22:30,280
Authenticate within approved Entra app.

795
00:22:30,280 –> 00:22:31,800
Read only scopes.

796
00:22:31,800 –> 00:22:33,480
Inputs account name.

797
00:22:33,480 –> 00:22:33,960
Fields.

798
00:22:33,960 –> 00:22:34,440
Health score.

799
00:22:34,440 –> 00:22:35,000
Don’t will see.

800
00:22:35,000 –> 00:22:35,960
R2 or C.

801
00:22:35,960 –> 00:22:37,320
Renewal risk go C.

802
00:22:37,320 –> 00:22:38,760
Next step R or C.

803
00:22:38,760 –> 00:22:39,640
Link.

804
00:22:39,640 –> 00:22:40,280
Usage.

805
00:22:40,280 –> 00:22:41,480
Renewal risk health.

806
00:22:41,480 –> 00:22:42,840
ARR owner.

807
00:22:42,840 –> 00:22:44,200
Add service now connector.

808
00:22:44,200 –> 00:22:45,800
O-auth to your instance.

809
00:22:45,800 –> 00:22:46,440
Rolls.

810
00:22:46,440 –> 00:22:47,240
Read incidents.

811
00:22:47,240 –> 00:22:49,080
Task Esla if needed.

812
00:22:49,080 –> 00:22:51,480
Inputs incident number or account name.

813
00:22:51,480 –> 00:22:55,160
If multiple results return top three and ask the user to choose.

814
00:22:55,160 –> 00:22:55,960
Outputs.

815
00:22:55,960 –> 00:22:56,920
Number priority.

816
00:22:56,920 –> 00:22:58,920
State SLS status updated on.

817
00:22:58,920 –> 00:22:59,480
Link.

818
00:22:59,480 –> 00:23:01,800
Add HTTP action for your internal API.

819
00:23:01,800 –> 00:23:03,480
Azure AD-auth.

820
00:23:03,480 –> 00:23:06,120
Post/Sash limits query.

821
00:23:06,120 –> 00:23:06,920
Inputs.

822
00:23:06,920 –> 00:23:07,960
Product ID.

823
00:23:07,960 –> 00:23:09,160
Customatier.

824
00:23:09,160 –> 00:23:10,760
Validate against an allow list.

825
00:23:10,760 –> 00:23:12,120
You maintain in config.

826
00:23:12,120 –> 00:23:12,920
Outputs.

827
00:23:12,920 –> 00:23:14,840
Max users rate limit per minute.

828
00:23:14,840 –> 00:23:16,200
Notes policy link.

829
00:23:16,200 –> 00:23:19,720
Usage product limits entitlements compliance caps.

830
00:23:19,720 –> 00:23:20,840
Orchestration.

831
00:23:20,840 –> 00:23:22,280
In tool priority rules.

832
00:23:22,280 –> 00:23:24,200
Renewal sales force.

833
00:23:24,200 –> 00:23:25,320
Ticket priority.

834
00:23:25,320 –> 00:23:26,280
SLA.

835
00:23:26,280 –> 00:23:27,320
Service now.

836
00:23:27,320 –> 00:23:28,680
Limit entitlement.

837
00:23:28,680 –> 00:23:30,120
Internal API.

838
00:23:30,120 –> 00:23:31,320
Set a confidence floor.

839
00:23:31,320 –> 00:23:32,920
If required fields are null.

840
00:23:32,920 –> 00:23:35,240
Ask a clarifying question before answering.

841
00:23:35,240 –> 00:23:36,600
Test in the right pane.

842
00:23:36,600 –> 00:23:39,000
Ask Agme Renewal risk and open incidents.

843
00:23:39,000 –> 00:23:40,600
Pro limits for product X.

844
00:23:40,600 –> 00:23:43,160
Verify activity map shows sales force first.

845
00:23:43,160 –> 00:23:45,720
Then service now with disambiguation if needed.

846
00:23:45,720 –> 00:23:46,920
Then internal API.

847
00:23:46,920 –> 00:23:48,280
Check citations and links.

848
00:23:48,280 –> 00:23:50,200
Fix any tool conditions that miss fire.

849
00:23:50,200 –> 00:23:50,840
Safety.

850
00:23:50,840 –> 00:23:52,040
Enable audit logging.

851
00:23:52,040 –> 00:23:54,280
Confirm connectors aren’t blocked by DLP.

852
00:23:54,280 –> 00:23:55,480
Share to a pilot group.

853
00:23:55,480 –> 00:23:56,640
Seed suggested prompts.

854
00:23:56,640 –> 00:23:57,720
Let them break it.

855
00:23:57,720 –> 00:23:58,600
Patch instructions.

856
00:23:58,600 –> 00:23:59,440
Titanscopes.

857
00:23:59,440 –> 00:24:00,120
Publish.

858
00:24:00,120 –> 00:24:01,120
Decision framework.

859
00:24:01,120 –> 00:24:03,320
Went to choose Studio versus Toolkit.

860
00:24:03,320 –> 00:24:06,400
Choose Studio when you need speed, governance, and citations.

861
00:24:06,400 –> 00:24:09,200
Read only enterprise answers with simple actions.

862
00:24:09,200 –> 00:24:10,520
Makers can maintain it.

863
00:24:10,520 –> 00:24:12,000
Admins can approve it.

864
00:24:12,000 –> 00:24:14,960
Choose Toolkit when you need strict input validation.

865
00:24:14,960 –> 00:24:17,000
Custom schemas or complex logic.

866
00:24:17,000 –> 00:24:19,440
Conditional access aware policy in code.

867
00:24:19,440 –> 00:24:20,400
Low latency.

868
00:24:20,400 –> 00:24:21,840
High control integrations.

869
00:24:21,840 –> 00:24:22,760
Custom caching.

870
00:24:22,760 –> 00:24:23,600
Retrieves.

871
00:24:23,600 –> 00:24:24,640
Hybrid wins when.

872
00:24:24,640 –> 00:24:25,840
Studio orchestrates.

873
00:24:25,840 –> 00:24:27,240
Toolkit tools execute.

874
00:24:27,240 –> 00:24:29,440
You want fast iteration with pro-grade enforcement.

875
00:24:29,440 –> 00:24:32,160
You must prove auditability and minimize blast radius.

876
00:24:32,160 –> 00:24:34,120
If ambiguity default to Studio first

877
00:24:34,120 –> 00:24:37,800
at Toolkit where Studio bends, the truth copilot doesn’t know.

878
00:24:37,800 –> 00:24:41,000
It fetches through paths you approve with identities you govern

879
00:24:41,000 –> 00:24:42,200
or it stays blind.

880
00:24:42,200 –> 00:24:43,000
Build the eyes.

881
00:24:43,000 –> 00:24:43,920
Own the site.

882
00:24:43,920 –> 00:24:46,400
If you want the ProDev plugin we used in the demo,

883
00:24:46,400 –> 00:24:49,880
watch the next video for the team’s Toolkit build and deployment checklist.

884
00:24:49,880 –> 00:24:51,640
Subscribe for the enterprise patterns,

885
00:24:51,640 –> 00:24:53,720
red team prompts, and governance blueprints.