This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub.
This topic falls under these sections:
Plan and configure agent solutions (30–35%)
--> Plan an agent solution
--> Design agents for internal or external audiences
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Introduction
One of the first architectural decisions when designing an AI agent in Microsoft Copilot Studio is determining who the intended users are. The audience influences nearly every aspect of the solution, including authentication, security, data access, integrations, conversation design, deployment channels, governance, and compliance.
In general, AI agents are designed for one of two broad audiences:
- Internal audiences – employees, contractors, and trusted business partners within an organization.
- External audiences – customers, vendors, suppliers, citizens, or members of the public.
Although the same technologies can often be used for both, their design requirements differ significantly. An internal HR assistant, for example, has access to confidential employee information and typically uses Microsoft Entra ID authentication, whereas a customer support chatbot on a public website may serve anonymous users and require high scalability.
For the AB-620 exam, you should understand how audience selection affects architecture, security, deployment, integrations, Responsible AI considerations, and user experience.
Why Audience Planning Is Important
Identifying the intended audience early in the planning process helps determine:
- Authentication requirements
- Authorization model
- Data sources
- Enterprise integrations
- Conversation style
- Deployment channels
- Security controls
- Compliance requirements
- Scalability needs
- Monitoring strategy
Design decisions that work well for an internal employee assistant may be inappropriate for a customer-facing chatbot.
Internal Audiences
Internal audiences consist of people who belong to or work closely with the organization.
Examples include:
- Employees
- Contractors
- Consultants
- Internal support staff
- Executives
- Managers
- Business partners (when granted organizational access)
Internal users generally operate within the organization’s identity and security infrastructure.
Common Internal Agent Scenarios
Examples include:
- IT help desk
- HR self-service
- Employee onboarding
- Benefits assistance
- Payroll inquiries
- Leave management
- Knowledge management
- Project support
- Finance assistance
- Internal policy search
These agents typically improve employee productivity and reduce repetitive administrative work.
Characteristics of Internal Agents
Internal agents commonly include:
- Microsoft Entra ID authentication
- Single Sign-On (SSO)
- Role-Based Access Control (RBAC)
- Access to confidential business data
- Enterprise system integrations
- Department-specific permissions
- Microsoft Teams deployment
- Microsoft 365 Copilot integration
- Detailed audit logging
Internal agents often operate within trusted enterprise environments.
External Audiences
External audiences include individuals outside the organization.
Examples include:
- Customers
- Prospective customers
- Vendors
- Suppliers
- Patients
- Students
- Citizens
- Website visitors
- Members of the public
External agents are often designed to improve customer experience and reduce support costs.
Common External Agent Scenarios
Examples include:
- Customer support
- Product information
- Order tracking
- Appointment scheduling
- FAQ assistants
- Banking support
- Insurance claims assistance
- Travel booking assistance
- Healthcare appointment requests
- Retail shopping assistance
These agents are commonly deployed through public-facing channels.
Characteristics of External Agents
External agents often require:
- Public website deployment
- Mobile application integration
- Customer authentication (when needed)
- High availability
- High scalability
- Simplified conversations
- Strong security protections
- Protection against malicious users
- Rate limiting
- Monitoring for abuse
Unlike internal agents, external agents must often support thousands or millions of users.
Comparing Internal and External Agents
| Feature | Internal Agent | External Agent |
|---|---|---|
| Primary users | Employees | Customers or public |
| Authentication | Microsoft Entra ID | Customer identity providers, OAuth, or anonymous access |
| Deployment | Microsoft Teams, Microsoft 365 Copilot, employee portals | Websites, mobile apps, customer portals |
| Data access | Internal enterprise data | Customer-facing information |
| Security | Enterprise identity and RBAC | Internet-facing security controls |
| Scale | Hundreds to thousands of users | Thousands to millions of users |
| Typical goal | Improve employee productivity | Improve customer experience |
Authentication Considerations
Authentication requirements differ significantly depending on the audience.
Internal Authentication
Most internal agents use:
- Microsoft Entra ID
- Single Sign-On (SSO)
- Multi-Factor Authentication (MFA)
- Conditional Access
This allows employees to securely access business resources using their corporate identities.
External Authentication
External agents may support:
- Anonymous users
- Customer accounts
- OAuth providers
- Social identity providers
- Customer Identity and Access Management (CIAM) solutions
The authentication model depends on the business scenario and the sensitivity of the information being accessed.
Authorization Considerations
After users authenticate, authorization determines what they can access.
Examples include:
Internal HR agent:
- View employee benefits
- Submit leave requests
- Access payroll information (based on role)
External customer agent:
- View personal orders
- Check warranty status
- Update personal profile
- Access support tickets
Authorization should always follow the principle of least privilege.
Conversation Design
Different audiences require different conversation styles.
Internal Conversations
Internal users generally:
- Understand company terminology
- Know business processes
- Expect technical accuracy
- Need detailed responses
- Frequently request operational assistance
Conversations can safely include organizational terminology and internal references.
External Conversations
External conversations should be:
- Friendly
- Clear
- Concise
- Easy to understand
- Free of internal jargon
- Guided with simple instructions
Customer-facing agents should avoid exposing internal business processes or confidential information.
Enterprise Integrations
Internal agents commonly integrate with:
- Microsoft Dataverse
- Microsoft Dynamics 365
- Microsoft SharePoint
- Microsoft Teams
- Microsoft Graph
- Human Resources systems
- ERP systems
- IT Service Management (ITSM) platforms
External agents typically integrate with:
- CRM systems
- Customer support platforms
- E-commerce systems
- Order management systems
- Payment services
- Public APIs
The audience influences which systems the agent should access.
Knowledge Sources
Knowledge sources should also be selected based on the intended audience.
Internal knowledge sources include:
- Employee handbook
- HR policies
- Technical documentation
- Internal procedures
- Project documentation
- Corporate SharePoint sites
External knowledge sources include:
- Product documentation
- Public FAQs
- User manuals
- Marketing materials
- Public knowledge bases
- Customer support articles
Never expose confidential internal knowledge through an external agent.
Security Considerations
Internal Agents
Security planning includes:
- Microsoft Entra ID
- RBAC
- Conditional Access
- Audit logging
- Data Loss Prevention (DLP)
- Least privilege
External Agents
Additional protections often include:
- Input validation
- Rate limiting
- CAPTCHA (where appropriate)
- Web Application Firewalls (WAF)
- Abuse detection
- Prompt injection protection
- Secure customer authentication
External agents face a broader range of security threats due to public accessibility.
Responsible AI Considerations
Audience affects Responsible AI planning.
Internal agents should:
- Protect confidential business information
- Respect employee privacy
- Limit access to sensitive records
- Support human escalation for sensitive requests
External agents should:
- Clearly disclose AI-generated responses
- Protect customer privacy
- Avoid collecting unnecessary personal information
- Escalate complex or sensitive issues to human representatives
- Provide transparent limitations
Responsible AI principles apply equally to both audiences but are implemented differently based on context.
Scalability Considerations
Internal agents generally support a relatively predictable number of users.
External agents may experience:
- Seasonal demand spikes
- Marketing-driven traffic
- Large numbers of concurrent users
- Global usage
Planning for external audiences often requires greater emphasis on performance, scalability, and resilience.
Governance Considerations
Governance differs based on the intended audience.
Internal governance focuses on:
- Identity management
- Department ownership
- Internal compliance
- Data classification
- Enterprise integrations
External governance emphasizes:
- Customer privacy
- Regulatory compliance
- Public content review
- Brand consistency
- Service availability
- Incident response
Monitoring
Both internal and external agents should be monitored.
Internal monitoring may focus on:
- Employee adoption
- Conversation success rates
- Workflow completion
- Productivity improvements
External monitoring often includes:
- Customer satisfaction
- Abandonment rates
- Escalation frequency
- Response quality
- Performance
- Security events
- Abuse detection
Common Design Mistakes
Avoid these common mistakes:
- Using internal terminology in customer-facing agents.
- Exposing confidential enterprise knowledge through external agents.
- Applying weak authentication to internal agents.
- Overcomplicating conversations for external users.
- Ignoring scalability for public deployments.
- Granting excessive permissions.
- Using the same security model for both audiences without evaluating risk.
- Failing to monitor production usage.
Best Practices
When designing agents for internal or external audiences:
- Clearly identify the intended audience before designing the solution.
- Select authentication methods appropriate for the audience.
- Apply Role-Based Access Control (RBAC) and least-privilege access.
- Choose deployment channels that align with user workflows.
- Use appropriate enterprise knowledge sources.
- Design conversations that match user expertise.
- Protect confidential organizational data.
- Plan for expected scale and availability.
- Implement Responsible AI practices.
- Continuously monitor and improve the solution after deployment.
Exam Tips
For the AB-620 exam, remember the following:
- Audience selection influences nearly every architectural decision.
- Internal agents typically use Microsoft Entra ID, Microsoft Teams, and enterprise integrations.
- External agents commonly use websites, mobile apps, and customer-facing systems.
- Internal agents access confidential organizational data, while external agents should expose only approved public or customer-specific information.
- Apply the principle of least privilege to both internal and external solutions.
- Use conversation styles appropriate to the audience.
- External agents generally require greater scalability and stronger protections against public threats.
- Responsible AI principles apply to all agents regardless of audience.
- Monitoring and governance remain important throughout the solution lifecycle.
Practice Exam Questions
Question 1
A company wants to build an AI agent that allows employees to check payroll information and submit vacation requests through Microsoft Teams. Which audience is the agent primarily designed for?
A. External customers
B. Business partners without company accounts
C. Internal employees
D. Public website visitors
Correct Answer: C
Explanation: Payroll and vacation information are internal business functions intended for employees. Microsoft Teams and Microsoft Entra ID are common platforms for internal employee-facing agents.
Question 2
Which deployment channel is generally the best choice for an AI agent designed to answer questions from visitors browsing a company’s public website?
A. Microsoft Teams
B. Public website
C. Employee portal
D. Microsoft 365 Copilot
Correct Answer: B
Explanation: Public websites are the most common deployment channel for customer-facing AI agents that provide product information, FAQs, and support.
Question 3
Which authentication approach is most appropriate for an internal HR assistant used only by employees?
A. Anonymous access
B. Shared administrator account
C. Microsoft Entra ID with Single Sign-On
D. Public API key authentication
Correct Answer: C
Explanation: Internal enterprise agents typically use Microsoft Entra ID with Single Sign-On to provide secure, seamless authentication for employees.
Question 4
A customer-facing AI agent should avoid exposing which type of information?
A. Public product documentation
B. Marketing content
C. Public FAQs
D. Internal HR policies and confidential business documents
Correct Answer: D
Explanation: External agents should only expose approved public or customer-specific information. Confidential internal documents should never be available to public users.
Question 5
Why do external AI agents typically require greater scalability than internal agents?
A. They always use Microsoft Teams.
B. They generally serve larger and less predictable user populations.
C. They never require authentication.
D. They cannot access enterprise systems.
Correct Answer: B
Explanation: External agents often serve thousands or millions of customers and may experience significant traffic spikes, requiring scalable architectures.
Question 6
Which conversation characteristic is generally most appropriate for an external customer-facing AI agent?
A. Use extensive internal acronyms and technical terminology.
B. Assume users understand company-specific business processes.
C. Provide concise, user-friendly responses using plain language.
D. Require detailed technical knowledge before beginning the conversation.
Correct Answer: C
Explanation: External users benefit from clear, concise, and jargon-free conversations that are easy to understand.
Question 7
An organization is designing an AI agent that retrieves employee handbook information from SharePoint. Which knowledge source is most appropriate?
A. Public product catalog
B. Internal SharePoint knowledge repository
C. External social media posts
D. Public marketing website
Correct Answer: B
Explanation: Employee handbooks are internal documents and should be stored in secured enterprise repositories such as SharePoint with appropriate access controls.
Question 8
Which security practice should be applied to both internal and external AI agents?
A. Allow unrestricted access to all enterprise systems.
B. Use anonymous authentication for all users.
C. Eliminate audit logging to improve performance.
D. Apply the principle of least privilege when granting permissions.
Correct Answer: D
Explanation: Least privilege is a fundamental security principle that limits permissions to only those necessary, reducing security risks for both internal and external solutions.
Question 9
What is one key governance difference between internal and external AI agents?
A. Only external agents require monitoring.
B. Internal agents do not require compliance planning.
C. External agents place greater emphasis on customer privacy, public content review, and brand consistency.
D. Internal agents never integrate with enterprise systems.
Correct Answer: C
Explanation: While governance is important for all AI agents, external solutions must also address customer privacy, public communications, and brand reputation in addition to security and compliance.
Question 10
An architect is determining authentication methods, deployment channels, enterprise integrations, and conversation style before building a Copilot Studio agent. What is the most important planning activity that should be completed first?
A. Select the programming language for connectors.
B. Create Adaptive Cards for every conversation.
C. Design the monitoring dashboard.
D. Identify whether the agent is intended for an internal or external audience.
Correct Answer: D
Explanation: Identifying the target audience is a foundational planning activity because it influences authentication, security, deployment, knowledge sources, integrations, governance, and the overall user experience.
Go to the AB-620 Exam Prep Hub main page
