Raw Record Source

{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreicdxcjlppc4qjtlkjjo7qnwtum6nbnmte5ow6ggak5df4mdxihrp4",
    "uri": "at://did:plc:xxrzfynfiasdpbxteqxi4jgq/app.bsky.feed.post/3mkqtmq6e7fi2"
  },
  "description": "Microsoft 365 Copilot introduces the AI Reader role for Agent 365, providing read-only access to usage, health, and configuration without admin rights. Available from early May 2026, it enables monitoring and reporting while maintaining security and separation of duties. Role assignment is manual...",
  "path": "/m365-message-center/message/mc1296473/",
  "publishedAt": "2026-05-01T00:00:08.000Z",
  "site": "https://blog.tophhie.cloud",
  "tags": [
    "Microsoft 365 admin center",
    "About administrator roles in the Microsoft 365 admin center | Microsoft 365 admin center | Microsoft 365 | Microsoft Learn"
  ],
  "textContent": "**[Introduction]**\n\nWe are introducing the **AI Reader** role for **Agent 365** in _Microsoft 365 Copilot_. This role provides read-only access to agent usage, health, and configuration without requiring Global Administrator permissions. It enables administrators to monitor and report on Agent 365 while maintaining separation of duties and preventing configuration changes.\n\n**[When this will happen]**\n\n**General Availability (Worldwide):** We will begin rolling out this feature in **early May 2026** and expect to complete by **early May 2026**.\n\n**[How this affects your organization]**\n\n_Who is affected_\n\n  * Microsoft 365 tenants using Agent 365\n  * Users assigned the **AI Reader** role\n  * Administrators who manage role assignments for Agent 365\n\n\n\n _What will happen_\n\n  * A new **AI Reader** role will be available in the _Microsoft 365 admin center_.\n  * Users assigned this role can view agent usage, health, and configuration.\n  * Users assigned this role cannot make changes or perform administrative actions.\n  * The AI Reader role is **not assigned by default** and must be explicitly assigned.\n  * Existing roles, permissions, and policies are not changed.\n  * There is no impact to user workflows.\n\n\n\n**[What you can do to prepare]**\n\nNo action is required if your organization does not need read-only visibility into Agent 365.\n\nIf you plan to use this role:\n\n  * Identify users who need **read-only visibility,** **monitoring, or reporting access** without administrative privileges.\n  * Assign the **AI Reader** role to those users.\n\n\n\nTo manage role assignments:\n\n  1. Sign in to the Microsoft 365 admin center using a Global Administrator or User Administrator account.\n  2. Go to **_Roles > Role assignments_**.\n  3. Select **_AI Reader_**.\n  4. Review current assignments and add or remove users as needed.\n\n\n\n**Learn more:** About administrator roles in the Microsoft 365 admin center | Microsoft 365 admin center | Microsoft 365 | Microsoft Learn\n\n**[Compliance considerations]**\n\n**Question**| **Answer**\n---|---\nDoes the change alter how admins can monitor, report on, or demonstrate compliance activities (for example, through Purview or admin reporting)?| Yes. This change introduces the AI Reader role, which provides a new read-only method for administrators or designated users to monitor and report on Agent 365 usage, health, and configuration without granting administrative or modification privileges.",
  "title": "MC1296473: Microsoft 365 Copilot: New AI Reader role for Agent 365 (read-only access)",
  "updatedAt": "2026-05-01T00:00:08.981Z"
}