Microsoft Copilot
Overview
Microsoft offers several Copilot products that support MCP integration. This guide covers setup for each:
- Microsoft Copilot Studio - Low-code platform for building custom AI agents
- Microsoft 365 Copilot - Enterprise productivity assistant (requires M365 Copilot license)
- GitHub Copilot - Code completion in VS Code (covered in the GitHub Copilot (VS Code) guide)
For most Copilot scenarios, start with the regional read endpoint. It keeps the Spotto tool catalog smaller, which is useful when Copilot struggles to retrieve all advertised tools. If your Copilot workflow needs action tools, switch to the matching write endpoint or use the default full endpoint after confirming your client can load it.
Microsoft Copilot Studio
Microsoft Copilot Studio is a low-code platform for creating custom AI agents. It supports MCP through either a direct onboarding wizard or custom connectors.
Prerequisites
- Access to Microsoft Copilot Studio
- Generative Orchestration enabled on your agent
- Spotto API key from the Getting Started guide
- Your regional endpoint profile (for example, Australia
read:https://mcp-au-read.spotto.ai/mcp)
Method 1: MCP Onboarding Wizard (Recommended)
The simplest way to connect Spotto to Copilot Studio is through the built-in MCP wizard:
- Open your agent in Microsoft Copilot Studio
- Navigate to the Tools page
- Select Add a tool
- Select New tool
- Select Model Context Protocol
Configure the MCP Server:
| Field | Value |
|---|---|
| Name | Spotto |
| Description | Asset tracking and operational insights |
| URL | https://mcp-au-read.spotto.ai/mcp (adjust for your region) |
| Transport Type | Streamable |
| Authentication | API key |
API Key Authentication:
- Select API key as the authentication type
- Choose Header as the API key type
- Set the header name to:
X-API-Key - Set the parameter location to: Header
- Click Create
Create Connection:
- In the "Add tool" dialog, select Create new connection
- Enter your Spotto API key when prompted
- Click Add to agent
Your Spotto MCP server is now available to your agent. All Spotto tools will automatically appear in the agent's toolbox.
Method 2: Custom Connector via Power Apps
For advanced scenarios or custom authentication, you can create a custom connector:
- In Copilot Studio, select Continue to setup in Power Apps
- Navigate to Custom connectors in the Power Apps portal
- Import the OpenAPI definition (see sample below)
- Configure authentication with your Spotto API key
- Return to Copilot Studio to add the connector to your agent
The sample below uses the Australian read endpoint. Swap the host for your region if needed.
Sample OpenAPI Definition (YAML):
swagger: '2.0'
info:
title: Spotto MCP Server
description: Spotto asset tracking via MCP
version: 1.0.0
host: mcp-au-read.spotto.ai
basePath: /
schemes:
- https
paths:
/mcp:
post:
summary: Spotto MCP Endpoint
x-ms-agentic-protocol: mcp-streamable-1.0
operationId: InvokeMCP
responses:
'200':
description: Success
securityDefinitions:
api_key:
type: apiKey
name: X-API-Key
in: header
security:
- api_key: []
Managing MCP Tools in Copilot Studio
Once your MCP server is connected, you can manage which tools your agent uses:
- Go to the Tools tab for your agent
- Select the Spotto MCP server
- View available tools and resources
- Use the Allow all toggle to enable or disable all tools
- Or toggle individual tools on or off as needed
If you connected the read endpoint, only read-oriented Spotto tools will appear. That is expected.
Verifying the Connection
Test your setup by asking the agent:
"What companies do I have access to in Spotto?"
or
"Check the Spotto API status"
The agent should use the Spotto MCP tools to retrieve information from your account.
Making Your Agent Available in Microsoft 365 Copilot
This section applies if you built your agent in Copilot Studio and want to make it available in the Microsoft 365 Copilot experience. If you built a declarative agent using the Microsoft 365 Agents Toolkit, it is available in Microsoft 365 Copilot after deployment.
For Copilot Studio agents:
- In Copilot Studio, go to Channels
- Select Teams and Microsoft 365 Copilot
- Check Make agent available in Microsoft 365 Copilot
- Click Add channel
- After the channel is enabled, select See agent in Microsoft 365
- Click Add and Open to use the agent
Microsoft 365 Copilot
Microsoft 365 Copilot is the enterprise productivity assistant integrated into Office apps. It can be extended with custom MCP servers through declarative agents.
Prerequisites
- Microsoft 365 Copilot license (required for all users)
- Visual Studio Code with the Microsoft 365 Agents Toolkit extension (version 6.0 or later)
- Microsoft 365 account with:
- Custom App Upload Enabled - Your tenant admin must enable this in Microsoft 365 admin center under Settings -> Integrated apps -> App availability -> Allow users to upload custom apps
- Copilot Access Enabled - Verify you can access
https://m365.cloud.microsoft/chat
- Spotto API key and regional endpoint profile
Setup Process
Step 1: Install Microsoft 365 Agents Toolkit
- Open Visual Studio Code
- Go to the Extensions view (Ctrl+Shift+X / Cmd+Shift+X)
- Search for "Microsoft 365 Agents Toolkit"
- Click Install
Step 2: Create a Declarative Agent
- Click the Microsoft 365 Agents Toolkit icon in the Activity Bar
- Select Create a New Agent/App (or Create a New Agent depending on your toolkit version)
- Choose Declarative Agent
- Select Add an Action, then Start with an MCP Server
- Enter your Spotto MCP URL:
https://mcp-au-read.spotto.ai/mcp
The toolkit will fetch the list of tools from your Spotto MCP server and generate the necessary configuration files.
When you add an MCP server to a declarative agent, the toolkit converts it into an API plugin. Each MCP tool becomes an API operation in the plugin manifest. You can view the generated plugin files in your project's appPackage folder. Only MCP tools are supported out of the box; MCP resources and prompts require custom handling.
Step 3: Configure Authentication
The Microsoft 365 Agents Toolkit supports multiple authentication methods for MCP servers. Choose the option that matches your Spotto MCP setup.
For API Key Authentication (Simpler):
- When prompted during agent creation, select API key
- In the Teams Developer Portal:
- Go to Tools -> API key registration
- Select Create an API key
- Enter your Spotto API key
- Set Base URL to your regional endpoint (for example,
https://mcp-au-read.spotto.ai) - Select the appropriate Target tenant and Target Teams App settings
- The toolkit will reference this registration in your agent manifest
For more detail, see Configure API key authentication.
For OAuth 2.0 Authentication (Advanced):
If your organization requires OAuth or you plan to proxy authentication:
- When prompted, select OAuth (with static registration)
- Register an OAuth app with your identity provider (most organizations use Microsoft Entra ID)
- Configure the app with:
- Name: Spotto MCP for M365 Copilot
- Authorization callback URL:
https://teams.microsoft.com/api/platform/v1.0/oAuthRedirect
- Generate a client secret and save both the Client ID and secret
- Update your agent project with these credentials
Use the identity provider your tenant requires and keep the redirect URL unchanged.
Step 4: Configure Connection Parameters
After authentication is configured, make sure the Spotto API key reaches your MCP server.
If you used API key authentication (Step 3): the toolkit handles the API key as a connection parameter. Your agent manifest references the API key registration ID, and the key is securely passed to your MCP server at runtime.
If you used OAuth authentication: choose one of these options:
- Backend proxy (recommended for production): build a backend service that accepts OAuth tokens, validates the user, and adds the Spotto API key as an
X-API-Keyheader before forwarding requests to your MCP server. - Environment variable (development only): store the API key in
.env.devand read it at runtime:
SPOTTO_API_KEY=apik_your_key_here
MCP_SERVER_URL=https://mcp-au-read.spotto.ai/mcp
Never commit API keys directly to your agent manifest or source code. Use secure storage such as the Teams Developer Portal API key registration, Azure Key Vault, or environment variables excluded from version control.
Step 5: Deploy and Test
- Sign in to Microsoft 365 in the Agents Toolkit
- Verify both settings are enabled:
- Custom App Upload Enabled
- Copilot Access Enabled
- Deploy your agent using the toolkit
- Open Microsoft 365 Copilot
- Add your Spotto agent
- Test with: "What assets are currently in Building A?"
Agent 365 Tooling Servers (Advanced)
For organizations with Microsoft 365 Copilot licenses and Frontier program access, Agent 365 MCP servers provide native Microsoft 365 integration.
Prerequisites:
- Full Microsoft 365 Copilot license for all users
- Enrollment in the Frontier program
- Admin access to Microsoft Admin Center
Enabling Frontier Features:
- Go to Microsoft Admin Center -> Copilot -> Settings
- Select Copilot Frontier
- Turn on Frontier features
- Wait a few minutes for the "Agents" section to appear
These servers include:
- Microsoft 365 Copilot Search
- SharePoint and OneDrive access
- Outlook Mail management
- Outlook Calendar integration
- Word document creation
Comparison Table
| Product | Use Case | Authentication | Deployment |
|---|---|---|---|
| Copilot Studio | Custom agents for specific workflows | API key (direct) | Organization-wide |
| Microsoft 365 Copilot | Productivity assistant in Office apps | API key or OAuth | Per-user declarative agents |
| GitHub Copilot | Code completion and chat | API key | Developer workstations |
Troubleshooting
Copilot Studio Issues
"MCP server not found"
- Ensure Generative Orchestration is enabled on your agent
- Verify the MCP server URL is correct
- Check your API key is valid in the Spotto Portal
"Authentication failed"
- Confirm you are using the correct header name:
X-API-Key - Verify your API key starts with
apik_ - Check the API key has not been revoked
"Tools not appearing"
- Restart Copilot Studio after adding the MCP server
- Verify the MCP server connection status shows "Connected"
- Check the Tools tab to see if tools are listed but disabled
- If you're using the default
fullendpoint, switch to the matchingreadendpoint
Microsoft 365 Copilot Issues
"Agent not available"
- Ensure you have a Microsoft 365 Copilot license
- Verify Custom App Upload and Copilot Access are enabled
- Check that the agent is published to the Teams or Microsoft 365 Copilot channel
"Connection timeout"
- Verify your network allows HTTPS connections to Spotto endpoints
- Check if a corporate firewall is blocking the connection
- Try the curl test from the Getting Started guide
"Limiting number of tool calls to 70" or "couldn't retrieve the requested items"
- The Copilot client is likely struggling with the full Spotto tool catalog
- Change the MCP URL to the matching regional
readendpoint - Reconnect the MCP server and test again
"OAuth error"
- Confirm the redirect URL matches exactly:
https://teams.microsoft.com/api/platform/v1.0/oAuthRedirect - Verify your OAuth app has the correct client ID and secret
- Check that your app registration is approved by your admin
General MCP Issues
Invalid API key errors:
- Verify you are using the full API key (starts with
apik_) - Check the key has not been revoked in the Spotto Portal
- Ensure you are using the correct regional endpoint
Connection timeouts:
- Verify outbound HTTPS connections are allowed
- Check if a firewall or proxy is blocking the connection
- Try the curl test from the Getting Started guide
Regional Endpoints
| Region | Copilot-friendly read endpoint |
|---|---|
| Australia | https://mcp-au-read.spotto.ai/mcp |
| United States | https://mcp-us-read.spotto.ai/mcp |
| Europe | https://mcp-eu-read.spotto.ai/mcp |
For the matching full and write URLs, see MCP Endpoint Profiles.
Next Steps
- Available Tools - See what queries you can make
- MCP Endpoint Profiles - Compare
full,read, andwrite - Example Queries - Learn effective prompting patterns
- Microsoft Learn: Copilot Studio MCP - Official documentation