This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub. This topic falls under these sections: Integrate and extend agents in Copilot Studio (40–45%) --> Configure multi-agent collaboration from Copilot Studio --> Create a multi-agent solution by using A2A protocol
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Overview
The Agent-to-Agent (A2A) protocol in Microsoft Copilot Studio enables multiple AI agents to communicate, delegate tasks, and collaborate across systems in a standardized way. Instead of one monolithic agent handling all responsibilities, A2A allows you to design specialized agents that exchange structured messages and coordinate outcomes.
In the AB-620 exam context, this topic focuses on:
Designing distributed agent systems
Configuring cross-agent communication
Defining task delegation patterns
Managing orchestration between agents
What the A2A Protocol Is
The A2A protocol is a communication framework that allows agents to:
Send structured requests to other agents
Receive responses in a standardized format
Delegate tasks dynamically at runtime
Collaborate across environments or platforms
It supports interoperability between Copilot Studio agents and external agent systems, making it foundational for multi-agent architectures.
Core Principles of A2A
1. Agent Specialization
Each agent is designed for a specific role, such as:
HR policy assistant
Finance reporting agent
IT service desk agent
Customer support triage agent
2. Message-Based Communication
Agents communicate using:
Structured requests
JSON-based payloads
Defined schemas for input/output
3. Loose Coupling
Agents do not need to know internal implementation details of other agents.
4. Orchestration Flexibility
A coordinator or “primary agent” may:
Route requests
Aggregate responses
Handle fallback scenarios
A2A Architecture in Copilot Studio
A typical A2A solution includes:
1. Primary (Orchestrator) Agent
Receives user input
Determines which agent should handle the task
Aggregates results
2. Worker Agents
Perform specialized tasks
Return structured outputs
3. Communication Layer (A2A Protocol)
Handles message formatting
Ensures compatibility across agents
How A2A Works (Flow)
User submits request to primary agent
Primary agent evaluates intent
Task is delegated via A2A protocol
Worker agent processes request
Response is returned to orchestrator
Final response is assembled and sent to user
When to Use A2A in Copilot Studio
A2A is ideal when:
Multiple business domains are involved
Tasks require specialized expertise
Workloads must be distributed
Systems need modular AI design
Configuration Steps (Conceptual for Exam)
Step 1: Define Agent Roles
Identify each agent’s responsibility
Avoid overlapping domains
Step 2: Enable A2A Communication
Register agents in Copilot Studio environment
Enable cross-agent communication permissions
Step 3: Define Message Schema
Include:
Task type
Input parameters
Expected output format
Step 4: Configure Routing Logic
Use rules or generative orchestration
Map intents to agents
Step 5: Test Multi-Agent Flow
Validate request delegation
Ensure correct response aggregation
Key Design Patterns
1. Hub-and-Spoke Model
One central orchestrator
Multiple specialized agents
2. Chain-of-Agents Pattern
Output of one agent becomes input to another
3. Parallel Execution Pattern
Multiple agents process simultaneously
Results merged afterward
Best Practices
1. Keep Agents Focused
Avoid creating “do everything” agents.
2. Standardize Payloads
Use consistent schemas for:
Requests
Responses
Error handling
3. Implement Fallback Logic
If an agent fails:
Retry
Route to backup agent
Return partial results
4. Monitor Inter-Agent Traffic
Track:
Latency between agents
Failure rates
Task distribution efficiency
5. Avoid Over-Orchestration
Too many routing layers can:
Increase latency
Reduce maintainability
Common Use Cases
Enterprise IT + HR + Finance agent ecosystems
Customer service triage systems
Multi-department workflow automation
Cross-platform enterprise assistants
Industry-specific AI agent networks
Practice Exam Questions
1. What is the primary purpose of the A2A protocol in Copilot Studio?
A. To replace Power Automate flows entirely B. To enable structured communication between multiple agents C. To store conversation history in Dataverse D. To train large language models
Correct Answer: B
Explanation: A2A is designed to enable standardized communication between agents in a multi-agent system.
2. Which architecture best describes a typical A2A solution?
A. Single monolithic agent B. Event-driven serverless function only C. Hub-and-spoke multi-agent system D. Static chatbot tree
Correct Answer: C
Explanation: A2A commonly uses a central orchestrator with multiple specialized agents.
3. What is a key benefit of using A2A in Copilot Studio?
A. Eliminates need for authentication B. Enables distributed agent specialization C. Removes dependency on semantic models D. Prevents all external integrations
Correct Answer: B
Explanation: A2A allows agents to specialize and collaborate rather than handling all tasks in one system.
4. In an A2A flow, what typically happens first?
A. Worker agent returns response B. User directly contacts worker agent C. Orchestrator agent interprets the user request D. Data is written to a database
Correct Answer: C
Explanation: The orchestrator agent receives and analyzes the user request before delegation.
5. What format is commonly used for A2A message exchange?
A. Binary executable files B. JSON-based structured payloads C. Excel spreadsheets D. Plain text emails
Correct Answer: B
Explanation: A2A communication typically uses structured JSON payloads for interoperability.
6. Which scenario is BEST suited for A2A implementation?
A. A single FAQ chatbot B. A simple form submission bot C. A multi-department enterprise assistant system D. A static website FAQ page
Correct Answer: C
Explanation: A2A is ideal for distributed, multi-domain enterprise scenarios.
7. What is a worker agent responsible for in an A2A system?
A. Orchestrating all other agents B. Training language models C. Performing specialized tasks and returning results D. Managing user authentication
Correct Answer: C
Explanation: Worker agents execute specific tasks delegated by the orchestrator.
8. What is a risk of overusing orchestration layers in A2A design?
A. Improved performance B. Reduced system complexity C. Increased latency and maintenance overhead D. Elimination of errors
Correct Answer: C
Explanation: Too many orchestration layers can slow down and complicate the system.
9. Which pattern involves multiple agents processing tasks simultaneously?
A. Chain-of-agents pattern B. Parallel execution pattern C. Linear scripting pattern D. Singleton agent pattern
Correct Answer: B
Explanation: Parallel execution allows multiple agents to process tasks at the same time.
10. What is a best practice when designing A2A message schemas?
A. Allow free-form unstructured text only B. Avoid defining response formats C. Standardize input and output payload structures D. Let each agent define its own format
Correct Answer: C
Explanation: Standardization ensures interoperability and reduces integration issues.
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Overview
A Fabric data agent is used to enable an AI agent in Copilot Studio to interact with enterprise data stored in Microsoft Fabric. This includes semantic models, lakehouses, warehouses, and other Fabric-based data assets. The integration allows users to ask natural language questions and receive grounded, governed responses based on curated datasets.
In AB-620, this topic focuses on how Copilot Studio agents connect to Fabric data sources, how queries are interpreted, and how data governance and security are enforced during retrieval.
Core Concept: What a Fabric Data Agent Does
A Fabric data agent acts as a semantic layer bridge between:
Copilot Studio agents (natural language interface)
Microsoft Fabric data assets (structured analytics layer)
It enables:
Natural language querying over Fabric datasets
Retrieval of governed business metrics
Consistent answers aligned with semantic models
Reduced need for direct query writing (SQL/DAX)
Key Capabilities
When integrating a Fabric data agent, you should understand these capabilities:
1. Natural Language to Semantic Query Translation
The agent converts user prompts into structured queries against:
Power BI semantic models
Fabric warehouses
Lakehouse tables
2. Semantic Model Awareness
The agent respects:
Measures
Relationships
Calculated columns
Business definitions (KPIs)
3. Governance and Security Enforcement
Access is controlled through:
Microsoft Entra ID authentication
Role-Level Security (RLS)
Object-level permissions in Fabric/Power BI
4. Contextual Answer Generation
Responses are:
Grounded in Fabric data only
Filtered based on user permissions
Summarized for conversational output
Prerequisites for Integration
Before integrating a Fabric data agent, ensure:
A Microsoft Fabric workspace is configured
A semantic model exists (Power BI dataset or Fabric model)
Data is properly modeled (relationships, measures defined)
Users have access permissions (Viewer or higher depending on scenario)
Copilot Studio environment is enabled for enterprise data integration
How Integration Works (Conceptual Flow)
The integration process follows this flow:
User asks a question in Copilot Studio
Agent identifies intent as a data query
Request is routed to Fabric data agent
Fabric semantic model is queried
Results are returned in structured form
Copilot Studio formats response into conversational output
Configuration Steps (High-Level)
While exact UI steps may evolve, the exam expects conceptual understanding:
1. A company wants Copilot Studio agents to answer questions using metrics stored in a Fabric warehouse. What is required first?
A. Enable Power Automate flows for all queries B. Create a semantic model over the warehouse data C. Export data to Azure SQL Database D. Enable Azure AI Search indexing
Correct Answer: B
Explanation: A Fabric data agent relies on semantic models to interpret business metrics and relationships. Without a semantic layer, natural language queries cannot be correctly mapped.
2. What is the primary role of a Fabric data agent in Copilot Studio?
A. Execute REST API calls to external systems B. Translate natural language into semantic model queries C. Train large language models on enterprise data D. Replace Power BI dashboards entirely
Correct Answer: B
Explanation: The Fabric data agent acts as a bridge between natural language input and structured queries against Fabric semantic models.
3. Which security mechanism ensures users only see data they are allowed to access?
A. Azure API Management policies B. Row-Level Security (RLS) in Fabric C. Copilot Studio topic restrictions D. Dataflow Gen2 filters
Correct Answer: B
Explanation: RLS in Fabric enforces row-level restrictions based on user identity.
4. What type of data source is primarily used by Fabric data agents?
A. Unstructured PDF documents B. REST APIs only C. Semantic models in Microsoft Fabric D. Local Excel files uploaded manually
Correct Answer: C
Explanation: Fabric data agents are designed to work with structured semantic models.
5. Why is a semantic model important for Fabric data agent integration?
A. It enables AI model training B. It provides business definitions and relationships C. It replaces the need for authentication D. It stores raw unprocessed logs
Correct Answer: B
Explanation: Semantic models define relationships, measures, and business logic used for query interpretation.
6. A user asks a question that requires filtering sales by region. What does the Fabric data agent use to answer correctly?
A. Hardcoded filters in Copilot Studio topics B. Semantic model relationships and measures C. Power Automate approval flows D. Azure Logic Apps workflows
Correct Answer: B
Explanation: Filtering logic is derived from the semantic model structure.
7. What is a recommended best practice when preparing data for a Fabric data agent?
A. Use raw unmodeled tables for flexibility B. Expose all columns to maximize coverage C. Use business-friendly naming in semantic models D. Disable relationships between tables
Correct Answer: C
Explanation: Clear naming improves AI interpretation and response quality.
8. How does Copilot Studio ensure secure access to Fabric data?
A. By duplicating datasets into Copilot Studio B. By bypassing Entra ID for faster access C. By enforcing authentication and inherited Fabric permissions D. By caching all data in memory
Correct Answer: C
Explanation: Access is controlled through Entra ID and inherited Fabric permissions.
9. What happens when a user query exceeds the scope of the connected Fabric dataset?
A. The agent guesses an answer B. The request is forwarded to REST APIs C. The agent responds that data is unavailable or out of scope D. The system automatically creates a new dataset
Correct Answer: C
Explanation: The agent can only respond based on connected and governed data sources.
10. Which scenario best demonstrates use of a Fabric data agent?
A. Sending emails based on workflow triggers B. Querying sales performance using natural language C. Uploading files to SharePoint D. Creating PowerPoint slides automatically
Correct Answer: B
Explanation: Fabric data agents are designed for conversational analytics over structured enterprise data.
This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub. This topic falls under these sections: Integrate and extend agents in Copilot Studio (40–45%) --> Configure multi-agent collaboration from Copilot Studio --> Design multi-agent solutions in Copilot Studio
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Learning Objectives
After completing this article, you should be able to:
Understand what a multi-agent solution is.
Explain why organizations use multiple AI agents.
Identify the major components of a multi-agent architecture.
Differentiate between parent agents, child agents, and connected agents.
Design effective agent responsibilities.
Select appropriate routing and orchestration strategies.
Apply Microsoft-recommended design principles for enterprise AI solutions.
Introduction
As organizations adopt AI across multiple business functions, a single AI agent often becomes insufficient for handling every task. Large enterprises require AI systems capable of managing specialized workloads, integrating with diverse systems, and scaling independently.
Microsoft Copilot Studio addresses this challenge by enabling developers to create multi-agent solutions, where multiple specialized agents collaborate to solve complex business problems.
Rather than building one large, monolithic agent responsible for every interaction, developers can create multiple focused agents that communicate and cooperate while maintaining clear responsibilities.
This modular approach improves scalability, maintainability, security, and user experience.
What Is a Multi-Agent Solution?
A multi-agent solution consists of two or more AI agents working together toward a shared objective.
Each agent specializes in a particular domain or capability.
Example:
Instead of one agent handling everything, an organization creates:
HR Agent
IT Help Desk Agent
Finance Agent
Facilities Agent
Sales Agent
Customer Service Agent
Each agent focuses on its own area of expertise.
When necessary, agents collaborate to complete broader workflows.
Why Use Multiple Agents?
Multi-agent systems provide several advantages over a single large agent.
Benefits include:
Better Specialization
Each agent becomes an expert in a limited business domain.
Example:
Rather than one agent answering every possible company question,
Create:
Benefits Agent
Payroll Agent
Recruiting Agent
Each delivers more accurate responses.
Easier Maintenance
Updating one specialized agent is easier than modifying a massive all-purpose agent.
Benefits include:
fewer unintended side effects
simpler testing
faster deployments
independent versioning
Improved Scalability
Different agents can scale independently.
For example:
Customer Support Agent
thousands of daily requests
Finance Approval Agent
dozens of daily requests
Each can be optimized separately.
Better Security
Different agents can have different permissions.
Example:
Payroll Agent
Access:
salary information
tax records
Sales Agent
Access:
CRM data
The Sales Agent never needs payroll permissions.
Improved Reliability
If one specialized agent becomes unavailable,
Other agents continue operating.
This improves overall system resilience.
Multi-Agent Terminology
Understanding Microsoft’s terminology is essential for the AB-620 exam.
Term
Description
Agent
An AI assistant designed for a specific purpose
Parent Agent
Coordinates other agents
Child Agent
Performs delegated work
Connected Agent
Independent agent available for collaboration
Tool
Capability an agent can invoke
Topic
Conversation workflow
Knowledge Source
Information available to an agent
Context
Information shared during conversations
Delegation
Passing work to another agent
Orchestration
Coordinating multiple agents
Core Components of a Multi-Agent Solution
Most enterprise architectures include several components.
User
Starts the conversation.
↓
Parent Agent
Receives the request.
↓
Decision Logic
Determines which specialized agent should handle the task.
↓
Specialized Agent
Executes the requested task.
↓
External Systems
Databases
APIs
Microsoft 365
Power Platform
Azure AI Search
ERP systems
CRM systems
↓
Response Returned
Results flow back through the parent agent to the user.
Designing Specialized Agents
One of Microsoft’s primary recommendations is:
Design agents around business capabilities—not technologies.
Poor design:
One “Super Agent”
Responsibilities:
HR
Finance
Sales
IT
Marketing
Legal
Procurement
Problems:
difficult to maintain
confusing prompts
unnecessary permissions
reduced accuracy
Better design:
HR Agent
Handles:
benefits
vacation
onboarding
Finance Agent
Handles:
invoices
budgets
expense reports
IT Agent
Handles:
password resets
devices
software
support tickets
Each agent remains focused.
Agent Responsibilities
Every agent should have clearly defined responsibilities.
Good responsibilities are:
specific
measurable
independent
reusable
Example
Travel Agent
Responsibilities:
✓ Book flights
✓ Reserve hotels
✓ Check travel policies
Not responsible for:
✗ Payroll
✗ IT tickets
✗ Customer support
Designing Agent Boundaries
One common exam objective is identifying proper agent boundaries.
Ask:
What business capability owns this task?
Not:
Which department requested it?
Example
Employee requests:
“I need a laptop.”
Poor routing:
HR Agent
Better routing:
IT Agent
Reason:
Hardware provisioning belongs to IT.
Parent Agents
The parent agent serves as the coordinator.
Responsibilities include:
understanding requests
selecting child agents
maintaining conversation flow
combining responses
returning final answers
Think of the parent agent as a project manager.
Child Agents
Child agents perform specialized work delegated by the parent agent.
Examples include:
Benefits Agent
Inventory Agent
Legal Agent
Facilities Agent
Payroll Agent
Each performs work without needing knowledge of the broader conversation.
Connected Agents
Connected agents differ slightly from child agents.
Connected agents are:
independently published
reusable
discoverable
callable by other agents
This promotes reuse across multiple solutions.
Example
Company has:
Expense Agent
Multiple departments can connect to it:
HR
Sales
Finance
Operations
Rather than creating duplicate expense logic.
Choosing Between Child and Connected Agents
Child Agent
Connected Agent
Used within one solution
Reusable across solutions
Parent controls lifecycle
Independent lifecycle
Tight integration
Looser integration
Typically internal
Enterprise-wide reuse
Orchestration
Orchestration is the process of coordinating multiple agents.
Granting excessive permissions to specialized agents.
Routing requests solely by keywords when semantic routing is more appropriate.
Tightly coupling agents that should be reusable.
Failing to define clear ownership for business capabilities.
AB-620 Exam Tips
For the exam, remember these key concepts:
A multi-agent solution consists of multiple specialized agents working together.
Parent agents coordinate conversations and delegate work.
Child agents perform specialized tasks within a solution.
Connected agents are independently published and reusable across multiple solutions.
Orchestration manages how agents collaborate to fulfill user requests.
Design agents around business capabilities, not organizational departments.
Use AI-based routing when requests are complex or ambiguous.
Keep agents modular, secure, maintainable, and independently scalable.
Advanced Multi-Agent Design Patterns
Once you understand the fundamentals of multi-agent solutions, the next step is learning how to design enterprise-grade architectures. Microsoft expects AI Agent Builders to select appropriate collaboration patterns based on business requirements rather than attempting to solve every problem with a single architecture.
Pattern 1 – Hub-and-Spoke (Recommended)
This is the most common architecture used in Copilot Studio.
User
│
Parent Agent
┌────────┼────────┐
│ │ │
HR Agent IT Agent Finance Agent
│ │ │
└────────┼────────┘
Consolidated Response
Advantages
Centralized orchestration
Easy governance
Simplified security
Easy monitoring
Scalable
Easy to troubleshoot
Typical Uses
Enterprise copilots
Employee self-service
Customer support
IT service desks
Pattern 2 – Sequential Workflow
Each agent performs one step before passing work to the next.
A parent agent coordinates requests without requiring centralized ownership of every specialized agent.
Agent Communication Lifecycle
Most multi-agent conversations follow this sequence:
Step 1
User submits request.
↓
Step 2
Parent agent interprets intent.
↓
Step 3
Appropriate specialized agent is selected.
↓
Step 4
Context is transferred.
↓
Step 5
Specialized agent completes work.
↓
Step 6
Result returns to parent.
↓
Step 7
Parent formats final response.
Context Sharing
Context refers to the information needed for another agent to complete work.
Examples include:
User identity
Previous conversation
Variables
Business data
Parameters
Selected products
Order numbers
Good context sharing reduces duplicate questions and improves user experience.
Example
Without context:
Parent Agent:
“What order number?”
↓
Inventory Agent:
“What order number?”
↓
Shipping Agent:
“What order number?”
Poor experience.
Better
Parent collects:
Order #14567
Passes it automatically to downstream agents.
State Management
State represents information preserved during a conversation.
Examples include:
Customer ID
Shopping cart
Selected location
Previous answers
Authentication status
Good state management allows conversations to continue naturally.
Example
User:
“I’d like to change my reservation.”
Five minutes later:
“Can you move it to next Tuesday?”
The agent remembers the reservation discussed earlier.
Stateless vs. Stateful Design
Stateless
Stateful
No memory between requests
Maintains conversation context
Simple implementation
More personalized interactions
Highly scalable
Supports complex workflows
Good for APIs
Good for conversational agents
Copilot Studio frequently combines both approaches depending on the scenario.
Security Considerations
Every agent should follow the principle of least privilege.
Example
Benefits Agent
Access
✓ Benefits database
✗ Payroll database
✗ Financial records
Finance Agent
Access
✓ Expense reports
✓ Budgets
✗ HR records
This reduces risk and improves compliance.
Authentication
Each specialized agent may authenticate independently.
Possible methods include:
Microsoft Entra ID
OAuth 2.0
Managed identities
API Keys (when appropriate)
The parent agent should not automatically inherit unrestricted access to every connected system.
Performance Considerations
Large organizations may operate dozens or even hundreds of specialized agents.
Performance can be improved by:
Running independent agents in parallel
Caching frequently accessed information
Reusing connected agents
Avoiding unnecessary delegations
Limiting context passed between agents
Reducing repeated API calls
Scalability
A good architecture should support future growth.
Instead of:
Parent
↓
One giant agent
Use:
Parent
↓
HR
Finance
Sales
Legal
IT
Marketing
Facilities
Travel
Procurement
New business capabilities can be added without redesigning the entire solution.
Monitoring Multi-Agent Solutions
Enterprise deployments should monitor:
Conversation success rate
Agent selection accuracy
API failures
Response times
Authentication failures
Delegation failures
User satisfaction
Tool execution success
Token usage
Error frequency
Monitoring enables continuous improvement and faster troubleshooting.
Troubleshooting Collaboration Issues
Common issues include:
Incorrect Routing
Symptoms
Wrong agent selected
Irrelevant responses
Solution
Improve routing logic or intent recognition.
Missing Context
Symptoms
Users repeatedly answer the same questions.
Solution
Share required variables between agents.
Permission Errors
Symptoms
Agent cannot access required resources.
Solution
Review security roles and connector permissions.
Delegation Loops
Symptoms
Agent A
↓
Agent B
↓
Agent A
↓
Agent B
Avoid circular delegation by defining clear ownership and termination conditions.
Slow Performance
Causes
Too many API calls
Excessive context transfer
Sequential execution when parallel processing is possible
Single-Agent vs. Multi-Agent Architecture
Single Agent
Multi-Agent
Simple implementation
More flexible
Limited specialization
Highly specialized
Harder to scale
Scales independently
Large prompt
Smaller focused prompts
One security model
Granular permissions
Lower maintenance flexibility
Independent lifecycle management
Good for small solutions
Best for enterprise solutions
Real-World Enterprise Scenario 1
A global manufacturing company deploys:
HR Agent
Payroll Agent
IT Agent
Procurement Agent
Maintenance Agent
The Enterprise Copilot receives:
“Order a replacement laptop for my new employee.”
Possible workflow:
Parent Agent identifies onboarding request.
HR Agent confirms employee status.
Procurement Agent verifies available hardware.
IT Agent creates deployment ticket.
Parent Agent summarizes results.
No single specialized agent performs every task.
Real-World Enterprise Scenario 2
Customer asks:
“My shipment is late and I’d like a refund.”
Workflow:
Parent Agent
↓
Order Agent
↓
Shipping Agent
↓
Finance Agent
↓
Customer Support Agent
↓
Response returned
Each agent performs one specialized responsibility.
Design Decision Matrix
Requirement
Recommended Design
Simple FAQ bot
Single agent
Enterprise employee assistant
Multi-agent hub-and-spoke
Department specialization
Connected agents
Approval workflows
Sequential orchestration
Independent business units
Federated architecture
Large enterprise platform
Parent with reusable connected agents
Summary
For the AB-620 exam, remember these key points:
Multi-agent solutions improve scalability, maintainability, and specialization.
Parent agents orchestrate work across specialized agents.
Child agents perform delegated tasks within a solution.
Connected agents are reusable across multiple solutions.
Effective context sharing minimizes repeated user input.
State management enables natural, continuous conversations.
Security should follow the principle of least privilege.
Parallel execution can improve performance.
Monitoring and troubleshooting are essential for production deployments.
Select an architecture that aligns with business requirements rather than forcing a single design pattern.
Practice Exam Questions
Question 1
A company wants a Copilot solution where HR, Finance, and IT each maintain their own specialized agents while a single enterprise assistant coordinates user requests. Which architecture is most appropriate?
A. Hub-and-spoke multi-agent architecture
B. Single-agent architecture
C. Stateless REST API architecture
D. Batch processing architecture
Answer: A
Explanation: A hub-and-spoke architecture uses a parent agent to coordinate specialized agents, making it ideal for enterprise scenarios where multiple business domains are involved.
Question 2
What is the primary responsibility of a parent agent in a multi-agent solution?
A. Store all enterprise data
B. Replace every specialized agent
C. Orchestrate conversations and delegate work
D. Authenticate every external API directly
Answer: C
Explanation: The parent agent coordinates conversations, selects the appropriate specialized agent, manages context, and returns a unified response.
Question 3
Which design principle helps reduce unnecessary security risks in multi-agent solutions?
A. Shared administrator permissions
B. Principle of least privilege
C. Universal read/write access
D. Anonymous authentication
Answer: B
Explanation: Granting each agent only the permissions it requires minimizes the attack surface and aligns with Microsoft’s security recommendations.
Question 4
A company wants multiple departments to reuse the same Expense Approval agent without duplicating its logic. Which type of agent is most appropriate?
A. Parent agent
B. Temporary agent
C. Stateless agent
D. Connected agent
Answer: D
Explanation: Connected agents are independently published and reusable across multiple solutions or departments.
Question 5
Why is context sharing important between collaborating agents?
A. It encrypts API traffic automatically.
B. It eliminates authentication requirements.
C. It prevents users from repeatedly providing the same information.
D. It replaces business rules.
Answer: C
Explanation: Sharing relevant context improves efficiency and provides a smoother conversational experience.
Question 6
Which collaboration pattern is generally the best choice when several independent tasks can be completed simultaneously?
A. Parallel processing
B. Sequential workflow
C. Single-agent routing
D. Manual delegation
Answer: A
Explanation: Parallel processing reduces overall response time by allowing multiple specialized agents to work concurrently.
Question 7
A conversation requires remembering a reservation number while multiple agents collaborate. Which capability is most important?
A. Stateless routing
B. Keyword matching
C. State management
D. Anonymous access
Answer: C
Explanation: State management preserves important conversation data across interactions and between collaborating agents.
Question 8
Which issue is most likely to occur if agent responsibilities overlap significantly?
A. Improved specialization
B. Easier maintenance
C. Lower API costs
D. Incorrect routing and duplicated functionality
Answer: D
Explanation: Overlapping responsibilities create ambiguity, increase maintenance complexity, and may cause requests to be routed incorrectly.
Question 9
What is the primary advantage of designing specialized agents around business capabilities instead of departments?
A. Reduced conversation quality
B. Clear ownership and easier long-term maintenance
C. Elimination of authentication
D. Guaranteed parallel execution
Answer: B
Explanation: Business capability–based design creates well-defined responsibilities, improving maintainability, scalability, and reuse.
Question 10
A global organization expects to add new AI capabilities every few months. Which architectural characteristic best supports future growth?
A. One large monolithic agent
B. Hard-coded routing rules only
C. Modular multi-agent architecture with independently scalable agents
D. Manual agent switching by users
Answer: C
Explanation: A modular multi-agent architecture allows organizations to add or update specialized agents independently without redesigning the entire solution, making it the preferred enterprise approach.
Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.
Introduction
One of the most important planning activities when designing an AI agent is determining how the agent and its users will be identified, authenticated, and authorized. An effective identity strategy ensures that agents securely access enterprise resources while protecting sensitive organizational data.
In Microsoft Copilot Studio, an identity strategy defines:
How users sign in
How the agent authenticates to external systems
What permissions users and agents receive
How identities are managed across enterprise applications
How security policies are enforced
How compliance requirements are met
Identity planning is closely related to security planning. Before integrating an agent with Microsoft 365, Dynamics 365, SharePoint, Azure AI Search, REST APIs, or other enterprise systems, architects must determine how identities will be established and trusted.
For the AB-620 exam, you should understand the principles of identity management, authentication methods, authorization models, Microsoft Entra ID, delegated versus application permissions, service principals, managed identities, and least-privilege access.
Why an Identity Strategy Is Important
Without a well-designed identity strategy, an AI agent could:
Access unauthorized information
Perform actions it should not perform
Expose sensitive data
Violate compliance requirements
Create security vulnerabilities
Fail to authenticate with enterprise systems
A properly planned identity strategy ensures:
Secure user authentication
Secure system authentication
Appropriate authorization
Protection of enterprise resources
Regulatory compliance
Consistent user experiences
Identity should be planned before any integrations are implemented.
Key Identity Concepts
Understanding several core identity concepts is essential.
Identity
An identity represents a person, application, service, or device.
Examples include:
Employee
Customer
Administrator
AI agent
Service account
Application
Every identity has unique characteristics that distinguish it from others.
Authentication
Authentication answers the question:
Who are you?
Authentication verifies the identity of a user or application before granting access.
Common authentication methods include:
Username and password
Multi-factor authentication (MFA)
OAuth 2.0
OpenID Connect
Microsoft Entra ID sign-in
Certificate-based authentication
Successful authentication establishes trust.
Authorization
Authorization answers the question:
What are you allowed to do?
After authentication, authorization determines which resources the identity can access.
Microsoft Entra ID is the primary identity provider for Microsoft cloud services.
Single Sign-On improves both usability and security.
MFA adds an additional layer of protection.
Delegated permissions operate on behalf of a signed-in user.
Application permissions allow applications to act independently.
Managed identities eliminate the need to manage credentials for Azure services.
Service principals represent applications in Microsoft Entra ID.
OAuth is generally preferred over API keys.
Always apply the principle of least privilege.
Practice Exam Questions
Question 1
A company wants its AI agent to access Microsoft 365 resources using the identity of the signed-in employee. Which permission model should be used?
A. Application permissions
B. Delegated permissions
C. Anonymous access
D. API key authentication
Correct Answer:B
Explanation: Delegated permissions allow the AI agent to perform actions on behalf of the signed-in user and respect that user’s existing permissions.
Question 2
What is the primary purpose of authentication?
A. Determine which resources a user can modify
B. Encrypt all enterprise data
C. Verify the identity of a user or application
D. Record audit logs
Correct Answer:C
Explanation: Authentication establishes who the user or application is before access decisions are made. Authorization determines what the authenticated identity can access.
Question 3
An Azure-hosted service needs to authenticate to Azure resources without storing passwords or secrets. Which identity solution is recommended?
A. Managed identity
B. API key
C. Shared service account
D. Username and password
Correct Answer:A
Explanation: Managed identities automatically manage credentials for Azure services, eliminating the need to store or rotate secrets.
Question 4
Which Microsoft service is the primary identity provider for Microsoft cloud applications and Copilot Studio integrations?
A. Azure AI Search
B. Microsoft Defender for Cloud
C. Microsoft Dataverse
D. Microsoft Entra ID
Correct Answer:D
Explanation: Microsoft Entra ID provides authentication, authorization, Single Sign-On, Conditional Access, and identity management for Microsoft cloud services.
Question 5
A background process updates inventory records every night without any user interaction. Which permission model is most appropriate?
A. Delegated permissions
B. Anonymous authentication
C. Application permissions
D. Guest user permissions
Correct Answer:C
Explanation: Application permissions allow applications to operate independently of a signed-in user, making them appropriate for scheduled or automated processes.
Question 6
Which security principle recommends granting only the permissions required to perform a specific task?
A. Defense in depth
B. Separation of duties
C. Zero Trust
D. Least privilege
Correct Answer:D
Explanation: The principle of least privilege minimizes security risks by limiting permissions to only those necessary for the required operations.
Question 7
Which authentication mechanism is generally preferred over API keys because it provides temporary access tokens and granular authorization?
A. Basic Authentication
B. OAuth 2.0
C. NTLM
D. Windows Authentication
Correct Answer:B
Explanation: OAuth 2.0 issues temporary access tokens instead of sharing passwords and supports fine-grained authorization scopes.
Question 8
What is the primary benefit of Single Sign-On (SSO)?
A. It permanently stores user credentials in every application.
B. It replaces authorization policies.
C. It allows users to authenticate once and access multiple trusted applications.
D. It eliminates the need for user identities.
Correct Answer:C
Explanation: Single Sign-On improves user experience and security by allowing one authentication session to provide access to multiple authorized applications.
Question 9
What is the purpose of a service principal in Microsoft Entra ID?
A. It represents an application or service as a security identity.
B. It stores enterprise knowledge for AI agents.
C. It replaces Conditional Access policies.
D. It creates Power Automate workflows.
Correct Answer:A
Explanation: A service principal is the identity used by an application or service to authenticate and access resources securely in Microsoft Entra ID.
Question 10
An organization requires users connecting from unmanaged devices to complete additional verification before accessing sensitive AI agents. Which capability addresses this requirement?
A. Role-Based Access Control
B. Managed identities
C. Conditional Access
D. Delegated permissions
Correct Answer:C
Explanation: Conditional Access evaluates conditions such as device compliance, location, and risk level to enforce security requirements like Multi-Factor Authentication before granting access.
This post is a part of the AI-103: Develop AI Apps and Agents on Azure Exam Prep Hub. This topic falls under these sections: Implement generative AI and agentic solutions (30–35%) --> Build agents by using Foundry --> Implement orchestrated multi-agent solutions
Note that there are 10 practice questions (with answers and explanations) at the end of each section to help you solidify your knowledge of the material. Also, there are 2 practice tests with 60 questions each available from the hub's main page below the exam topics section.
Introduction
As AI systems become more advanced, organizations increasingly use multiple AI agents working together rather than relying on a single monolithic model.
Multi-agent systems allow specialized agents to:
Collaborate
Delegate tasks
Share information
Coordinate workflows
Solve complex business problems
Azure AI Foundry provides orchestration capabilities that enable developers to design and implement coordinated multi-agent architectures.
For the AI-103: Develop AI Apps and Agents on Azure certification exam, understanding orchestrated multi-agent solutions is an important skill area.
What Is a Multi-Agent System?
A multi-agent system consists of:
Multiple AI agents
Coordinated workflows
Shared objectives
Task delegation mechanisms
Communication pathways
Each agent typically performs a specialized role.
Why Use Multi-Agent Architectures?
Multi-agent systems improve:
Scalability
Modularity
Specialization
Reliability
Workflow efficiency
Single-Agent vs Multi-Agent Systems
Single-Agent Systems
Single-agent systems:
Handle all responsibilities centrally
Use one model for all tasks
Are simpler to implement
However, they may struggle with:
Complex workflows
Large-scale orchestration
Specialized reasoning
Multi-Agent Systems
Multi-agent systems:
Separate responsibilities
Assign specialized tasks
Coordinate multiple workflows
Improve maintainability
Common Multi-Agent Roles
Examples of specialized agents include:
Research agents
Retrieval agents
Planning agents
Coding agents
Compliance agents
Validation agents
Summarization agents
Customer support agents
Agent Specialization
Specialized agents often outperform general-purpose agents because:
Prompts can be optimized
Tools can be restricted
Workflows become more focused
Context becomes more manageable
Orchestration
Orchestration coordinates:
Agent communication
Task delegation
Workflow sequencing
State management
Tool usage
What Is an Orchestrator?
An orchestrator is a coordinating component that:
Routes tasks
Selects agents
Manages workflows
Tracks execution state
Aggregates outputs
Centralized Orchestration
In centralized orchestration:
One orchestrator controls workflows
Agents report to a central controller
Execution is easier to monitor
Decentralized Orchestration
In decentralized orchestration:
Agents communicate directly
Coordination is distributed
Systems may scale more dynamically
Hierarchical Agent Systems
Hierarchical systems use:
Supervisor agents
Worker agents
Nested workflows
The supervisor assigns and validates tasks.
Agent Communication
Agents communicate by:
Passing messages
Sharing outputs
Updating workflow state
Exchanging structured data
Shared Context
Multi-agent systems may share:
Conversation history
Retrieved documents
Task state
Memory stores
Workflow variables
Conversation State Management
State management tracks:
Current workflow stage
Completed actions
Pending tasks
Agent outputs
Workflow Coordination
Workflow coordination defines:
Execution order
Conditional branching
Retry behavior
Escalation logic
Sequential Workflows
Sequential workflows execute agents in order.
Example:
Retrieval agent
Validation agent
Summarization agent
Approval agent
Parallel Workflows
Parallel workflows allow multiple agents to:
Execute simultaneously
Process independent tasks
Improve performance
Conditional Workflows
Conditional workflows branch based on:
User input
Confidence scores
Validation results
Business rules
Dynamic Routing
Dynamic routing enables orchestrators to:
Select agents at runtime
Adapt workflows dynamically
Optimize execution paths
Planning Agents
Planning agents:
Break tasks into subtasks
Determine execution order
Coordinate tool usage
Guide workflow progression
Task Delegation
Task delegation assigns work to specialized agents.
Examples:
Retrieval tasks
Compliance validation
Data analysis
Report generation
Tool-Augmented Multi-Agent Systems
Agents may use tools such as:
APIs
Search systems
Databases
Workflow engines
Custom functions
Retrieval Agents
Retrieval agents specialize in:
Searching enterprise data
Retrieving documents
Querying vector stores
Performing semantic search
Validation Agents
Validation agents may:
Detect hallucinations
Verify citations
Enforce compliance
Apply safety checks
Compliance Agents
Compliance agents help enforce:
Regulatory requirements
Security policies
Governance standards
Responsible AI rules
Human-in-the-Loop Systems
Some workflows require:
Human approval
Escalation review
Manual validation
before execution continues.
Memory in Multi-Agent Systems
Agents may use:
Short-term memory
Long-term memory
Shared memory
Retrieval-based memory
Shared Memory Systems
Shared memory allows agents to:
Access common information
Coordinate tasks
Maintain consistency
Long-Term Memory
Long-term memory stores:
Historical interactions
User preferences
Prior workflow results
Persistent context
Vector Memory
Vector memory uses embeddings to:
Store semantic information
Retrieve relevant history
Improve contextual continuity
Retrieval-Augmented Multi-Agent Systems
Multi-agent systems often integrate:
Azure AI Search
Vector search
Semantic retrieval
Grounding pipelines
Azure AI Search in Multi-Agent Systems
Azure AI Search supports:
Hybrid search
Semantic ranking
Vector indexing
Enterprise retrieval
Grounded Agent Responses
Grounded systems use retrieved evidence to:
Improve factual accuracy
Reduce hallucinations
Increase trustworthiness
Multi-Agent Reasoning
Complex reasoning may involve:
Planning agents
Research agents
Verification agents
Synthesis agents
working together.
Example Multi-Agent Workflow
Enterprise Research Assistant
Workflow:
Planner agent analyzes user request
Retrieval agent searches enterprise documents
Research agent summarizes findings
Validation agent checks citations
Compliance agent reviews policy concerns
Final response agent generates answer
Multi-Agent Coordination Challenges
Challenges include:
State synchronization
Latency
Tool conflicts
Redundant work
Workflow complexity
Latency Management
Latency can increase because:
Multiple agents execute sequentially
Retrieval systems add overhead
APIs require network calls
Optimization Strategies
Optimization techniques include:
Parallel execution
Response caching
Efficient retrieval
Selective tool invocation
Lightweight models for subtasks
Small Models in Multi-Agent Systems
Smaller models may handle:
Classification
Routing
Validation
Tool selection
while larger models perform complex reasoning.
Cost Optimization
Organizations may reduce costs by:
Using specialized lightweight agents
Limiting unnecessary tool calls
Reducing prompt size
Caching retrieval results
Monitoring Multi-Agent Systems
Monitoring should include:
Agent performance
Workflow success rates
Latency
Tool failures
Retrieval quality
Safety events
Logging and Traceability
Logs should capture:
Agent decisions
Tool invocations
Retrieval outputs
Workflow paths
Human approvals
Observability
Observability enables teams to:
Diagnose failures
Analyze workflows
Improve orchestration
Monitor reasoning quality
Security Considerations
Multi-agent systems require:
Authentication
Authorization
Role-based access control (RBAC)
Managed identities
Secure tool access
Least Privilege Access
Each agent should receive:
Only required permissions
Restricted tool access
Scoped credentials
Responsible AI Considerations
Organizations should implement:
Safety filters
Approval workflows
Oversight controls
Audit logging
Content moderation
Failure Recovery
Recovery mechanisms may include:
Retries
Escalation paths
Fallback agents
Human intervention
Agent Evaluation
Organizations should evaluate:
Task completion accuracy
Hallucination rates
Retrieval quality
Workflow reliability
Safety compliance
Azure AI Foundry and Multi-Agent Solutions
Azure AI Foundry supports:
Agent development
Tool integration
Workflow orchestration
Model deployment
Retrieval integration
Monitoring and evaluation
Common AI-103 Exam Tips
Understand Agent Roles
Know how specialized agents:
Coordinate
Delegate tasks
Use tools
Share context
Understand Orchestration Patterns
Know:
Sequential workflows
Parallel workflows
Hierarchical systems
Dynamic routing
Learn Retrieval Integration
Understand:
Azure AI Search
RAG
Vector search
Embeddings
Grounding
Learn Monitoring Concepts
Understand:
Trace logging
Workflow monitoring
Observability
Safety monitoring
Summary
Orchestrated multi-agent systems enable:
Specialized AI workflows
Coordinated reasoning
Tool integration
Enterprise-scale automation
For the AI-103 exam, you should understand:
Multi-agent architectures
Agent orchestration
Workflow coordination
Task delegation
Shared memory
Retrieval integration
Planning agents
Validation agents
Compliance workflows
Dynamic routing
Monitoring and observability
Responsible AI controls
These concepts are foundational for enterprise AI agent development in Azure AI Foundry.
Practice Exam Questions
Question 1
What is a primary advantage of multi-agent systems?
A. Elimination of workflows B. Agent specialization and task coordination C. Removal of retrieval systems D. Elimination of APIs
Answer
B. Agent specialization and task coordination
Explanation
Multi-agent systems improve modularity and specialization.
Question 2
What is the role of an orchestrator in a multi-agent system?
A. Replace all agents B. Coordinate workflows and manage execution C. Disable APIs D. Eliminate memory usage
Answer
B. Coordinate workflows and manage execution
Explanation
Orchestrators route tasks and coordinate agent interactions.
Question 3
Which workflow type allows multiple agents to execute simultaneously?
A. Sequential workflow B. Parallel workflow C. Static workflow D. Manual workflow
Answer
B. Parallel workflow
Explanation
Parallel workflows improve performance by enabling concurrent execution.
Question 4
What is a common role for a retrieval agent?
A. GPU maintenance B. Searching enterprise knowledge sources C. Managing DNS records D. Updating operating systems
Answer
B. Searching enterprise knowledge sources
Explanation
Retrieval agents specialize in search and document retrieval.
Question 5
Why are validation agents useful?
A. They eliminate monitoring B. They verify outputs and reduce hallucinations C. They remove orchestration logic D. They disable APIs
Answer
B. They verify outputs and reduce hallucinations
Explanation
Validation agents improve reliability and compliance.
Question 6
What is shared memory in a multi-agent system?
A. A GPU cache B. A common context accessible by multiple agents C. A networking appliance D. A firewall rule set
Answer
B. A common context accessible by multiple agents
Explanation
Shared memory improves coordination between agents.
Question 7
Which Azure service is commonly used for enterprise retrieval in multi-agent systems?
A. Azure AI Search B. Azure Backup C. Azure Monitor Agent D. Azure VPN Gateway
Answer
A. Azure AI Search
Explanation
Azure AI Search supports semantic, vector, and hybrid retrieval.
Question 8
What is dynamic routing?
A. Static API configuration B. Selecting agents at runtime based on workflow needs C. Replacing retrieval systems D. Eliminating orchestrators
Answer
B. Selecting agents at runtime based on workflow needs
Explanation
Dynamic routing enables adaptive workflows.
Question 9
Why might organizations use small models in multi-agent systems?
A. To increase hallucinations B. To reduce cost and handle lightweight subtasks C. To eliminate orchestration D. To disable memory
Answer
B. To reduce cost and handle lightweight subtasks
Explanation
Small models are efficient for routing and classification tasks.
Question 10
What should organizations monitor in multi-agent solutions?
A. Only GPU temperatures B. Workflow reliability, retrieval quality, latency, and safety events C. Only token counts D. Only firewall rules
Answer
B. Workflow reliability, retrieval quality, latency, and safety events
Explanation
Monitoring ensures reliable and safe multi-agent operations.