Hi all,
We are seeing what looks like a regression in Copilot Studio related to tools configured to use end-user credentials.
This started suddenly around 2 days ago and appears to be related to the Copilot Studio new experience. We have now reproduced it across multiple Power Platform environments, so it does not appear to be isolated to a single environment, solution, connection reference, or DLP policy.
Summary of the issue
When a Copilot Studio agent is published to Microsoft Teams and a tool is configured to use end-user credentials, the tool does not complete successfully after the user grants permission.
Instead, the connector/tool returns the same “connect/authorize” style message as the actual response payload. The agent then receives that message instead of the expected tool data.
This is not the agent re-triggering the consent prompt intentionally. From the agent side, it looks like the connector call itself returns the connection/authorization message instead of the expected connector response.
Example behavior from the agent side:
The connector keeps returning that same message as its actual response payload — it is not a consent prompt I am re-triggering; it is literally what the tool returns instead of profile data. Retrying gives the same result.
Scope
This appears to affect all tools configured to use end-user credentials, not just one specific connector.
We have reproduced or observed the pattern with tools such as:
- Office 365 Users / Microsoft 365 Users
- Office 365 Outlook / Microsoft 365 Outlook
- Work IQ/MCP tools
- Other connector tools configured with end-user credentials
The simplest reproduction is with Office 365 Users → Get my profile (V2).
Minimal reproduction
Create a very simple Copilot Studio agent in the new experience:
- Agent authentication: Authenticate with Microsoft
- Publish to Microsoft Teams
- Add a tool:
- Connector: Office 365 Users
- Operation: Get my profile (V2) / MyProfile_V2
- Authentication: End-user credentials
- Publish the agent.
- Install/open it in a Teams 1:1 chat.
- Ask the agent to call the profile tool.
- User is asked to connect/authorize.
- User clicks Allow.
- Trigger the tool again.
Expected result
After the user grants permission, the tool should return the user profile data, for example:
- display name
- email
- user principal name
- id
Actual result
The tool does not return profile data.
Instead, the agent receives the same connection/authorization message as the connector response payload, and the user is effectively stuck in a loop. Retrying does not resolve it.
Important observations
We have checked the following:
- The agent uses Authenticate with Microsoft.
- Testing is in Teams 1:1 chats only.
- The issue is not related to Teams group chats or channel conversations.
- The issue reproduces in multiple environments, including both multi stage (dev/test/prod) and prod only environment
- The issue occurs with a minimal test agent containing only one tool.
- The connection reference exists in the solution.
- The tool-to-connection-reference mapping appears correct.
- The same issue occurs in unmanaged solutions and minimal test agents.
- The issue is not specific to a complex agent, prompt instructions, SharePoint knowledge, Dataverse, or Power Automate flows.
- The problem appears specifically when the tool is configured to use end-user credentials.
- Tools using maker-provided credentials do not appear to follow the same failure pattern.
- The issue started suddenly around the same time and appears correlated with the Copilot Studio new experience.
YAML pattern seen in the minimal repro
The relevant tool configuration looks like this:
kind: ConnectorTool
authMode: Invoker
connectorId: /providers/Microsoft.PowerApps/apis/shared_office365users
operationId: MyProfile_V2
authMode: Invoker
This appears to be the common factor. Any tool configured to run with the end user’s credentials seems to be affected.
Troubleshooting already attempted
We have tried the following without resolving the issue:
- Republish agent
- Test in fresh Teams 1:1 chat
- Use start over
- Remove/reinstall the Teams app
- Test in multiple environments
- Recreate a minimal test agent
- Verify connection references are present
- Verify the issue is not caused by Power Automate run-only user settings
- Verify the issue is not specific to Office 365 Users alone
Is anyone else seeing this behavior in the Copilot Studio new experience, specifically for tools configured with end-user credentials?
It looks like the connector authorization result is not being persisted or recognized correctly in the Teams runtime, and the connector’s “connect/authorize” response is being returned to the agent as if it were the actual tool output.
This seems like a platform/runtime issue rather than an agent design issue, especially because it reproduces with a minimal agent and across multiple environments.
Any confirmation, workaround, or Microsoft guidance would be appreciated. In particular:
- Is this a known regression in the new Copilot Studio experience?
- Is there a current issue with authMode: Invoker tools in Teams?
- Is there a recommended way to force-refresh or re-authorize end-user tool connections at the platform level?
- Are end-user credential tools currently expected to work in Teams 1:1 chats with Authenticate with Microsoft?
Thanks.