No tracking. No cookie wall.·100 % EU-hosted on Hetzner
EU-hostedPrivacy policy →
Copilot Studio setup

Connect Ansvar AI to Microsoft Copilot Studio

Publish an Ansvar-backed agent to Teams, M365 Chat, or your tenant's Copilot — same citation contract, M365 native UX.

Prerequisites

Three things you need before starting

  • A Copilot Studio license (any tier with custom-connector permission).
  • An Ansvar Premium subscription (Team and Company are coming soon).
  • Tenant admin permission to register a custom connector — or an admin who will sign off on the connection at publish time.
Walkthrough

Seven steps from blank tenant to published agent

  1. 1

    Create a new agent

    In Copilot Studio, choose Create → New agent. Name it (for example, "Ansvar Compliance"). Skip the AI-instructions wizard for now — you will configure the MCP connection first.

    Copilot Studio: Create a new agent
  2. 2

    Add an MCP connection

    From the agent's Tools tab, choose Add → MCP connection. Paste https://gateway.ansvar.eu/mcp as the server URL.

    Copilot Studio: Add an MCP connection
  3. 3

    Configure the OAuth provider

    Select OAuth 2.1 with auto-discovery. Copilot Studio reads /.well-known/oauth-authorization-server from the gateway and auto-populates Keycloak DCR endpoints. Save.

    Copilot Studio: Configure the OAuth provider
  4. 4

    Authorize the connection

    Click Authorize. A browser pop-up opens for sign-in at auth.ansvar.eu. Approve the consent screen. The browser redirects back to Copilot Studio with the connection marked Connected.

    Copilot Studio: Authorize the connection
  5. 5

    Verify tools appear

    Refresh the agent's tool inventory. You should see ansvar.search, ansvar.start_workflow, ansvar.list_workflow_types, and the rest of the orchestration catalogue listed under the Ansvar connection.

    Copilot Studio: Verify tools appear
  6. 6

    Test with a sample prompt

    In the Test pane, ask: "What does Article 5(1)(c) GDPR say about data minimisation? Cite the source." Confirm the agent invokes an Ansvar search tool and returns a cited answer.

    Copilot Studio: Test with a sample prompt
  7. 7

    Publish to a channel

    From Channels, pick Microsoft Teams, Web, or M365 Chat and follow the publish flow. Tenant-admin approval may be required depending on your environment policies.

    Copilot Studio: Publish to a channel
Common gotchas

Three things that trip up most tenants

Well-known metadata path resolution

Microsoft iterates eight well-known metadata paths at the gateway URL itself; it does not follow the protected-resource response cross-origin to auth.ansvar.eu. The gateway nginx already serves the discovery payload directly at the gateway origin, so this is patched, but if you see auto-discovery failures double-check you are pointing at https://gateway.ansvar.eu/mcp and not a stale URL.

Token refresh under tenant restrictions

Conditional Access policies that block third-party OAuth apps will silently fail token refresh on the connection. If your agent suddenly returns 401 errors mid-session, ask your IdP admin to allowlist auth.ansvar.eu.

Tenant-admin OAuth versus user-level OAuth

Some tenants disallow per-user OAuth grants for custom connectors. In that case the publish flow surfaces a "requires admin approval" prompt; the admin must complete the OAuth dance themselves to authorise the connector at tenant scope.

Where to from here

Back to the full setup index, or see which tier fits your workflow.

← Back to setupSee tiers →