Conversation
- Scope article to MCS context; clarify target audience - Add MCS-specific architecture diagram showing PP connector layer - Fix auth comparison: in MCS both use same connector/connection framework - Correct DLP claim: DLP applies at connector level, MCP tools may be ungoverned - Fix performance claims: MCP adds tool discovery overhead in MCS - Fix control level: makers cannot override MCP tool descriptions in MCS - Add orchestration delegation tradeoff - Rewrite conclusion with MCS-specific guidance
…n for Copilot Studio
There was a problem hiding this comment.
Pull request overview
Adds a new Chirpy blog post describing the “Hosted Agent Service” pattern for Copilot Studio, including an architecture walkthrough and code excerpts, plus the associated header image asset.
Changes:
- Added a new post: “Your Service, Your Auth: The Hosted Agent Pattern for Copilot Studio”
- Added a new header image under
/assets/posts/hosted-agent-service/ - Referenced an existing architecture diagram asset for the post body
Reviewed changes
Copilot reviewed 1 out of 3 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
assets/posts/hosted-agent-service/has-title.jpg |
New header/cover image used by the post front matter. |
_posts/2026-03-26-hosted-agent-service-pattern.md |
New post content covering the pattern, OBO flow, deployment steps, and internal links. |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/microsoft/mcscatblog/sessions/856073da-077c-4d90-880f-fbc7064b52f1 Co-authored-by: jpad5 <94862471+jpad5@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
| @@ -0,0 +1,193 @@ | |||
| --- | |||
| layout: post | |||
| title: "[Demo] Your Service, Your Auth: The Hosted Agent Pattern for Copilot Studio" | |||
There was a problem hiding this comment.
The title uses "Hosted Agent Pattern" while the rest of the post consistently calls it the "Hosted Agent Service" pattern. Consider aligning the title with the term used throughout the article to avoid reader confusion and improve searchability.
There was a problem hiding this comment.
@copilot apply changes based on this feedback
There was a problem hiding this comment.
Fixed in commit 01cf5a9. The title now reads "The Hosted Agent Service Pattern for Copilot Studio", matching the terminology used consistently throughout the post body.
Agent-Logs-Url: https://github.com/microsoft/mcscatblog/sessions/03832e33-a332-4d70-a41e-ae2f24065683 Co-authored-by: jpad5 <94862471+jpad5@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
| The `Index.cshtml.cs` page model acquires the token and exposes it to the frontend JavaScript, which calls the Agent Service via `fetch()`: | ||
|
|
||
| ```javascript | ||
| const response = await fetch('http://localhost:5020/api/agent/invoke', { |
There was a problem hiding this comment.
The fetch() example hard-codes http://localhost:5020/.... This will fail in non-local scenarios and can be blocked as mixed-content if the page is served over HTTPS. Consider using a relative URL (same origin) or calling a configurable base URL (e.g., injected from server config) so the snippet works beyond local dev.
| const response = await fetch('http://localhost:5020/api/agent/invoke', { | |
| const response = await fetch('/api/agent/invoke', { |
|
Hey Jay, thanks for putting this together — the code sample is solid and the technical walkthrough is well-structured. The OBO flow explanation, the Bicep deployment, and the architecture diagram are all clear. A few things I'd love to see addressed before we merge: The core question: when would someone need this pattern? The post does a great job explaining how the Hosted Agent Service works, but I'm left wondering why I'd reach for it instead of simpler alternatives that already exist in Copilot Studio:
The post currently reads as a general-purpose architecture, but I think its real value is in a very specific set of constraints. It would be great to call those out explicitly in the intro. Something like: "If you've tried X and Y and hit this wall, that's when you need this pattern." — Adi |
Thanks for the pointers, Adi. I have updated to reflect your feedback. -Jay |
- Replace simulated Copilot Studio calls with real CopilotClient SDK code - Split single 40-line code block into two focused OBO exchange sections - Add dual OBO flow explanation (Power Platform API + Enterprise API) - Update Program.cs wiring to show CopilotClient SDK registration - Remove redundant CopilotClient SDK Integration section - Add 3rd internal link (connector-consent-card-obo) - Replace sso tag with m365-agents-sdk for better Further Reading overlap - Remove [Demo] prefix from title - Reduce em-dash overuse throughout
📱 Kick off Copilot coding agent tasks wherever you are with GitHub Mobile, available on iOS and Android.