For organizations that have strict requirements regarding Copilot Agents access to customer data the existing security model is not quite enough. In addition to the existing security model where the agents permissions is controlled by the users permission, tables should be able to be enabled/disabled for agents, en additional flag like the "enable for Dataverse search" but "enable for Copilot use" should be implemented.

For example, we have a requirement that an user should have access to table A, B and C and our MDA have an app assistant agent which should be allowed to have access to the data in table A but not the data in table B and C since those tables contains data that are not yet approved for processing by AI. Another use case could be where we simply do not want data from a certain table to show up when chatting with an agent.

This is as of today not possible (as far as we have been able to read up on), adding an app assistant agent to the app gives it access to all of the data that the user has access to.