Tag: Multi-agent solutions

Create a multi-agent solution by using A2A protocol (AB-620 Exam Prep)

This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub.
This topic falls under these sections:
Integrate and extend agents in Copilot Studio (40–45%)
   --> Configure multi-agent collaboration from Copilot Studio
      --> Create a multi-agent solution by using A2A protocol


Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.

Overview

The Agent-to-Agent (A2A) protocol in Microsoft Copilot Studio enables multiple AI agents to communicate, delegate tasks, and collaborate across systems in a standardized way. Instead of one monolithic agent handling all responsibilities, A2A allows you to design specialized agents that exchange structured messages and coordinate outcomes.

In the AB-620 exam context, this topic focuses on:

  • Designing distributed agent systems
  • Configuring cross-agent communication
  • Defining task delegation patterns
  • Managing orchestration between agents

What the A2A Protocol Is

The A2A protocol is a communication framework that allows agents to:

  • Send structured requests to other agents
  • Receive responses in a standardized format
  • Delegate tasks dynamically at runtime
  • Collaborate across environments or platforms

It supports interoperability between Copilot Studio agents and external agent systems, making it foundational for multi-agent architectures.


Core Principles of A2A

1. Agent Specialization

Each agent is designed for a specific role, such as:

  • HR policy assistant
  • Finance reporting agent
  • IT service desk agent
  • Customer support triage agent

2. Message-Based Communication

Agents communicate using:

  • Structured requests
  • JSON-based payloads
  • Defined schemas for input/output

3. Loose Coupling

Agents do not need to know internal implementation details of other agents.

4. Orchestration Flexibility

A coordinator or “primary agent” may:

  • Route requests
  • Aggregate responses
  • Handle fallback scenarios

A2A Architecture in Copilot Studio

A typical A2A solution includes:

1. Primary (Orchestrator) Agent

  • Receives user input
  • Determines which agent should handle the task
  • Aggregates results

2. Worker Agents

  • Perform specialized tasks
  • Return structured outputs

3. Communication Layer (A2A Protocol)

  • Handles message formatting
  • Ensures compatibility across agents

How A2A Works (Flow)

  1. User submits request to primary agent
  2. Primary agent evaluates intent
  3. Task is delegated via A2A protocol
  4. Worker agent processes request
  5. Response is returned to orchestrator
  6. Final response is assembled and sent to user

When to Use A2A in Copilot Studio

A2A is ideal when:

  • Multiple business domains are involved
  • Tasks require specialized expertise
  • Workloads must be distributed
  • Systems need modular AI design

Configuration Steps (Conceptual for Exam)

Step 1: Define Agent Roles

  • Identify each agent’s responsibility
  • Avoid overlapping domains

Step 2: Enable A2A Communication

  • Register agents in Copilot Studio environment
  • Enable cross-agent communication permissions

Step 3: Define Message Schema

Include:

  • Task type
  • Input parameters
  • Expected output format

Step 4: Configure Routing Logic

  • Use rules or generative orchestration
  • Map intents to agents

Step 5: Test Multi-Agent Flow

  • Validate request delegation
  • Ensure correct response aggregation

Key Design Patterns

1. Hub-and-Spoke Model

  • One central orchestrator
  • Multiple specialized agents

2. Chain-of-Agents Pattern

  • Output of one agent becomes input to another

3. Parallel Execution Pattern

  • Multiple agents process simultaneously
  • Results merged afterward

Best Practices

1. Keep Agents Focused

Avoid creating “do everything” agents.

2. Standardize Payloads

Use consistent schemas for:

  • Requests
  • Responses
  • Error handling

3. Implement Fallback Logic

If an agent fails:

  • Retry
  • Route to backup agent
  • Return partial results

4. Monitor Inter-Agent Traffic

Track:

  • Latency between agents
  • Failure rates
  • Task distribution efficiency

5. Avoid Over-Orchestration

Too many routing layers can:

  • Increase latency
  • Reduce maintainability

Common Use Cases

  • Enterprise IT + HR + Finance agent ecosystems
  • Customer service triage systems
  • Multi-department workflow automation
  • Cross-platform enterprise assistants
  • Industry-specific AI agent networks

Practice Exam Questions


1. What is the primary purpose of the A2A protocol in Copilot Studio?

A. To replace Power Automate flows entirely
B. To enable structured communication between multiple agents
C. To store conversation history in Dataverse
D. To train large language models

Correct Answer: B

Explanation: A2A is designed to enable standardized communication between agents in a multi-agent system.


2. Which architecture best describes a typical A2A solution?

A. Single monolithic agent
B. Event-driven serverless function only
C. Hub-and-spoke multi-agent system
D. Static chatbot tree

Correct Answer: C

Explanation: A2A commonly uses a central orchestrator with multiple specialized agents.


3. What is a key benefit of using A2A in Copilot Studio?

A. Eliminates need for authentication
B. Enables distributed agent specialization
C. Removes dependency on semantic models
D. Prevents all external integrations

Correct Answer: B

Explanation: A2A allows agents to specialize and collaborate rather than handling all tasks in one system.


4. In an A2A flow, what typically happens first?

A. Worker agent returns response
B. User directly contacts worker agent
C. Orchestrator agent interprets the user request
D. Data is written to a database

Correct Answer: C

Explanation: The orchestrator agent receives and analyzes the user request before delegation.


5. What format is commonly used for A2A message exchange?

A. Binary executable files
B. JSON-based structured payloads
C. Excel spreadsheets
D. Plain text emails

Correct Answer: B

Explanation: A2A communication typically uses structured JSON payloads for interoperability.


6. Which scenario is BEST suited for A2A implementation?

A. A single FAQ chatbot
B. A simple form submission bot
C. A multi-department enterprise assistant system
D. A static website FAQ page

Correct Answer: C

Explanation: A2A is ideal for distributed, multi-domain enterprise scenarios.


7. What is a worker agent responsible for in an A2A system?

A. Orchestrating all other agents
B. Training language models
C. Performing specialized tasks and returning results
D. Managing user authentication

Correct Answer: C

Explanation: Worker agents execute specific tasks delegated by the orchestrator.


8. What is a risk of overusing orchestration layers in A2A design?

A. Improved performance
B. Reduced system complexity
C. Increased latency and maintenance overhead
D. Elimination of errors

Correct Answer: C

Explanation: Too many orchestration layers can slow down and complicate the system.


9. Which pattern involves multiple agents processing tasks simultaneously?

A. Chain-of-agents pattern
B. Parallel execution pattern
C. Linear scripting pattern
D. Singleton agent pattern

Correct Answer: B

Explanation: Parallel execution allows multiple agents to process tasks at the same time.


10. What is a best practice when designing A2A message schemas?

A. Allow free-form unstructured text only
B. Avoid defining response formats
C. Standardize input and output payload structures
D. Let each agent define its own format

Correct Answer: C

Explanation: Standardization ensures interoperability and reduces integration issues.


Go to the AB-620 Exam Prep Hub main page

Integrate a Fabric data agent (AB-620 Exam Prep)

This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub.
This topic falls under these sections:
Integrate and extend agents in Copilot Studio (40–45%)
   --> Configure multi-agent collaboration from Copilot Studio
      --> Integrate a Fabric data agent


Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.

Overview

A Fabric data agent is used to enable an AI agent in Copilot Studio to interact with enterprise data stored in Microsoft Fabric. This includes semantic models, lakehouses, warehouses, and other Fabric-based data assets. The integration allows users to ask natural language questions and receive grounded, governed responses based on curated datasets.

In AB-620, this topic focuses on how Copilot Studio agents connect to Fabric data sources, how queries are interpreted, and how data governance and security are enforced during retrieval.


Core Concept: What a Fabric Data Agent Does

A Fabric data agent acts as a semantic layer bridge between:

  • Copilot Studio agents (natural language interface)
  • Microsoft Fabric data assets (structured analytics layer)

It enables:

  • Natural language querying over Fabric datasets
  • Retrieval of governed business metrics
  • Consistent answers aligned with semantic models
  • Reduced need for direct query writing (SQL/DAX)

Key Capabilities

When integrating a Fabric data agent, you should understand these capabilities:

1. Natural Language to Semantic Query Translation

The agent converts user prompts into structured queries against:

  • Power BI semantic models
  • Fabric warehouses
  • Lakehouse tables

2. Semantic Model Awareness

The agent respects:

  • Measures
  • Relationships
  • Calculated columns
  • Business definitions (KPIs)

3. Governance and Security Enforcement

Access is controlled through:

  • Microsoft Entra ID authentication
  • Role-Level Security (RLS)
  • Object-level permissions in Fabric/Power BI

4. Contextual Answer Generation

Responses are:

  • Grounded in Fabric data only
  • Filtered based on user permissions
  • Summarized for conversational output

Prerequisites for Integration

Before integrating a Fabric data agent, ensure:

  • A Microsoft Fabric workspace is configured
  • A semantic model exists (Power BI dataset or Fabric model)
  • Data is properly modeled (relationships, measures defined)
  • Users have access permissions (Viewer or higher depending on scenario)
  • Copilot Studio environment is enabled for enterprise data integration

How Integration Works (Conceptual Flow)

The integration process follows this flow:

  1. User asks a question in Copilot Studio
  2. Agent identifies intent as a data query
  3. Request is routed to Fabric data agent
  4. Fabric semantic model is queried
  5. Results are returned in structured form
  6. Copilot Studio formats response into conversational output

Configuration Steps (High-Level)

While exact UI steps may evolve, the exam expects conceptual understanding:

Step 1: Enable Fabric Data Source Connection

  • Select Microsoft Fabric as a data source
  • Choose a semantic model or dataset

Step 2: Register the Data Agent

  • Link Fabric workspace to Copilot Studio agent
  • Define which datasets are available for querying

Step 3: Define Query Scope

  • Limit accessible tables/measures
  • Control supported business domains

Step 4: Configure Security Context

  • Enforce Entra ID authentication
  • Apply RLS roles automatically

Step 5: Test Natural Language Queries

  • Validate question-to-answer mapping
  • Ensure correct aggregation and filtering

Best Practices

1. Use Well-Modeled Semantic Layers

A Fabric data agent performs best when:

  • Measures are clearly defined
  • Relationships are accurate
  • Naming conventions are business-friendly

2. Avoid Direct Raw Table Exposure

Instead:

  • Use curated semantic models
  • Hide unnecessary technical columns

3. Optimize for Business Language

Rename fields such as:

  • “SalesAmt” → “Total Sales”
  • “CustCnt” → “Customer Count”

4. Validate Security Boundaries

Ensure:

  • RLS behaves correctly
  • Sensitive data is excluded from responses

5. Limit Dataset Scope

Smaller, focused models improve:

  • Query accuracy
  • Response time
  • AI interpretation quality

Common Use Cases

  • Sales performance dashboards via chat
  • Financial reporting queries (revenue, cost, profit)
  • Operational metrics (inventory, supply chain)
  • Executive summary generation from Fabric data
  • Self-service analytics for business users

Practice Exam Questions


1. A company wants Copilot Studio agents to answer questions using metrics stored in a Fabric warehouse. What is required first?

A. Enable Power Automate flows for all queries
B. Create a semantic model over the warehouse data
C. Export data to Azure SQL Database
D. Enable Azure AI Search indexing

Correct Answer: B

Explanation: A Fabric data agent relies on semantic models to interpret business metrics and relationships. Without a semantic layer, natural language queries cannot be correctly mapped.


2. What is the primary role of a Fabric data agent in Copilot Studio?

A. Execute REST API calls to external systems
B. Translate natural language into semantic model queries
C. Train large language models on enterprise data
D. Replace Power BI dashboards entirely

Correct Answer: B

Explanation: The Fabric data agent acts as a bridge between natural language input and structured queries against Fabric semantic models.


3. Which security mechanism ensures users only see data they are allowed to access?

A. Azure API Management policies
B. Row-Level Security (RLS) in Fabric
C. Copilot Studio topic restrictions
D. Dataflow Gen2 filters

Correct Answer: B

Explanation: RLS in Fabric enforces row-level restrictions based on user identity.


4. What type of data source is primarily used by Fabric data agents?

A. Unstructured PDF documents
B. REST APIs only
C. Semantic models in Microsoft Fabric
D. Local Excel files uploaded manually

Correct Answer: C

Explanation: Fabric data agents are designed to work with structured semantic models.


5. Why is a semantic model important for Fabric data agent integration?

A. It enables AI model training
B. It provides business definitions and relationships
C. It replaces the need for authentication
D. It stores raw unprocessed logs

Correct Answer: B

Explanation: Semantic models define relationships, measures, and business logic used for query interpretation.


6. A user asks a question that requires filtering sales by region. What does the Fabric data agent use to answer correctly?

A. Hardcoded filters in Copilot Studio topics
B. Semantic model relationships and measures
C. Power Automate approval flows
D. Azure Logic Apps workflows

Correct Answer: B

Explanation: Filtering logic is derived from the semantic model structure.


7. What is a recommended best practice when preparing data for a Fabric data agent?

A. Use raw unmodeled tables for flexibility
B. Expose all columns to maximize coverage
C. Use business-friendly naming in semantic models
D. Disable relationships between tables

Correct Answer: C

Explanation: Clear naming improves AI interpretation and response quality.


8. How does Copilot Studio ensure secure access to Fabric data?

A. By duplicating datasets into Copilot Studio
B. By bypassing Entra ID for faster access
C. By enforcing authentication and inherited Fabric permissions
D. By caching all data in memory

Correct Answer: C

Explanation: Access is controlled through Entra ID and inherited Fabric permissions.


9. What happens when a user query exceeds the scope of the connected Fabric dataset?

A. The agent guesses an answer
B. The request is forwarded to REST APIs
C. The agent responds that data is unavailable or out of scope
D. The system automatically creates a new dataset

Correct Answer: C

Explanation: The agent can only respond based on connected and governed data sources.


10. Which scenario best demonstrates use of a Fabric data agent?

A. Sending emails based on workflow triggers
B. Querying sales performance using natural language
C. Uploading files to SharePoint
D. Creating PowerPoint slides automatically

Correct Answer: B

Explanation: Fabric data agents are designed for conversational analytics over structured enterprise data.


Go to the AB-620 Exam Prep Hub main page

Design multi-agent solutions in Microsoft Copilot Studio (AB-620 Exam Prep)

This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub.
This topic falls under these sections:
Integrate and extend agents in Copilot Studio (40–45%)
   --> Configure multi-agent collaboration from Copilot Studio
      --> Design multi-agent solutions in Copilot Studio


Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.

Learning Objectives

After completing this article, you should be able to:

  • Understand what a multi-agent solution is.
  • Explain why organizations use multiple AI agents.
  • Identify the major components of a multi-agent architecture.
  • Differentiate between parent agents, child agents, and connected agents.
  • Design effective agent responsibilities.
  • Select appropriate routing and orchestration strategies.
  • Apply Microsoft-recommended design principles for enterprise AI solutions.

Introduction

As organizations adopt AI across multiple business functions, a single AI agent often becomes insufficient for handling every task. Large enterprises require AI systems capable of managing specialized workloads, integrating with diverse systems, and scaling independently.

Microsoft Copilot Studio addresses this challenge by enabling developers to create multi-agent solutions, where multiple specialized agents collaborate to solve complex business problems.

Rather than building one large, monolithic agent responsible for every interaction, developers can create multiple focused agents that communicate and cooperate while maintaining clear responsibilities.

This modular approach improves scalability, maintainability, security, and user experience.


What Is a Multi-Agent Solution?

A multi-agent solution consists of two or more AI agents working together toward a shared objective.

Each agent specializes in a particular domain or capability.

Example:

Instead of one agent handling everything, an organization creates:

  • HR Agent
  • IT Help Desk Agent
  • Finance Agent
  • Facilities Agent
  • Sales Agent
  • Customer Service Agent

Each agent focuses on its own area of expertise.

When necessary, agents collaborate to complete broader workflows.


Why Use Multiple Agents?

Multi-agent systems provide several advantages over a single large agent.

Benefits include:

Better Specialization

Each agent becomes an expert in a limited business domain.

Example:

Rather than one agent answering every possible company question,

Create:

  • Benefits Agent
  • Payroll Agent
  • Recruiting Agent

Each delivers more accurate responses.


Easier Maintenance

Updating one specialized agent is easier than modifying a massive all-purpose agent.

Benefits include:

  • fewer unintended side effects
  • simpler testing
  • faster deployments
  • independent versioning

Improved Scalability

Different agents can scale independently.

For example:

Customer Support Agent

  • thousands of daily requests

Finance Approval Agent

  • dozens of daily requests

Each can be optimized separately.


Better Security

Different agents can have different permissions.

Example:

Payroll Agent

Access:

  • salary information
  • tax records

Sales Agent

Access:

  • CRM data

The Sales Agent never needs payroll permissions.


Improved Reliability

If one specialized agent becomes unavailable,

Other agents continue operating.

This improves overall system resilience.


Multi-Agent Terminology

Understanding Microsoft’s terminology is essential for the AB-620 exam.

TermDescription
AgentAn AI assistant designed for a specific purpose
Parent AgentCoordinates other agents
Child AgentPerforms delegated work
Connected AgentIndependent agent available for collaboration
ToolCapability an agent can invoke
TopicConversation workflow
Knowledge SourceInformation available to an agent
ContextInformation shared during conversations
DelegationPassing work to another agent
OrchestrationCoordinating multiple agents

Core Components of a Multi-Agent Solution

Most enterprise architectures include several components.

User

Starts the conversation.

Parent Agent

Receives the request.

Decision Logic

Determines which specialized agent should handle the task.

Specialized Agent

Executes the requested task.

External Systems

  • Databases
  • APIs
  • Microsoft 365
  • Power Platform
  • Azure AI Search
  • ERP systems
  • CRM systems

Response Returned

Results flow back through the parent agent to the user.


Designing Specialized Agents

One of Microsoft’s primary recommendations is:

Design agents around business capabilities—not technologies.

Poor design:

One “Super Agent”

Responsibilities:

  • HR
  • Finance
  • Sales
  • IT
  • Marketing
  • Legal
  • Procurement

Problems:

  • difficult to maintain
  • confusing prompts
  • unnecessary permissions
  • reduced accuracy

Better design:

HR Agent

Handles:

  • benefits
  • vacation
  • onboarding

Finance Agent

Handles:

  • invoices
  • budgets
  • expense reports

IT Agent

Handles:

  • password resets
  • devices
  • software
  • support tickets

Each agent remains focused.


Agent Responsibilities

Every agent should have clearly defined responsibilities.

Good responsibilities are:

  • specific
  • measurable
  • independent
  • reusable

Example

Travel Agent

Responsibilities:

✓ Book flights

✓ Reserve hotels

✓ Check travel policies

Not responsible for:

✗ Payroll

✗ IT tickets

✗ Customer support


Designing Agent Boundaries

One common exam objective is identifying proper agent boundaries.

Ask:

What business capability owns this task?

Not:

Which department requested it?

Example

Employee requests:

“I need a laptop.”

Poor routing:

HR Agent

Better routing:

IT Agent

Reason:

Hardware provisioning belongs to IT.


Parent Agents

The parent agent serves as the coordinator.

Responsibilities include:

  • understanding requests
  • selecting child agents
  • maintaining conversation flow
  • combining responses
  • returning final answers

Think of the parent agent as a project manager.


Child Agents

Child agents perform specialized work delegated by the parent agent.

Examples include:

Benefits Agent

Inventory Agent

Legal Agent

Facilities Agent

Payroll Agent

Each performs work without needing knowledge of the broader conversation.


Connected Agents

Connected agents differ slightly from child agents.

Connected agents are:

  • independently published
  • reusable
  • discoverable
  • callable by other agents

This promotes reuse across multiple solutions.

Example

Company has:

Expense Agent

Multiple departments can connect to it:

  • HR
  • Sales
  • Finance
  • Operations

Rather than creating duplicate expense logic.


Choosing Between Child and Connected Agents

Child AgentConnected Agent
Used within one solutionReusable across solutions
Parent controls lifecycleIndependent lifecycle
Tight integrationLooser integration
Typically internalEnterprise-wide reuse

Orchestration

Orchestration is the process of coordinating multiple agents.

The parent agent determines:

  • who performs work
  • when work begins
  • what data is shared
  • how results are combined

Without orchestration:

Agents work independently.

With orchestration:

Agents collaborate toward one goal.


Collaboration Patterns

Several collaboration models are common.

Sequential Collaboration

Agent A

Agent B

Agent C

Example

Travel request

Policy Agent

Booking Agent

Approval Agent


Parallel Collaboration

Multiple agents execute simultaneously.

          Parent
        /    |    \
      HR   IT   Finance
        \    |    /
         Combined Response

Advantages:

  • faster responses
  • independent execution

Hub-and-Spoke

Most common in Copilot Studio.

           Parent
        /   |   |   \
      HR   IT Finance Legal

Benefits:

  • centralized coordination
  • simple routing
  • easy governance

Mesh Collaboration

Agents communicate directly.

Agent A ↔ Agent B
↕ ↕
Agent C ↔ Agent D

More flexible

More complex

Less common than hub-and-spoke in enterprise Copilot Studio solutions.


Routing Strategies

One of the parent agent’s primary responsibilities is routing requests.

Examples include:

Intent-Based Routing

Determine user intent.

Example:

“I forgot my password.”

IT Agent


Keyword Routing

Specific words trigger agents.

“Payroll”

Payroll Agent

Simple but less flexible than intent recognition.


Rule-Based Routing

Business rules determine routing.

Example:

If request concerns invoices

Finance Agent

Else

Customer Service Agent


AI-Based Routing

The LLM evaluates the request and selects the most appropriate agent based on semantic understanding.

Benefits:

  • greater flexibility
  • better handling of ambiguous language
  • improved user experience

AI-based routing is increasingly preferred for enterprise conversational systems.


Enterprise Example

A user asks:

“I’m traveling to Seattle next week. Can you book my hotel, verify my travel policy, and submit the request for approval?”

Possible orchestration flow:

  1. Parent Agent receives the request.
  2. Policy Agent verifies travel rules.
  3. Booking Agent searches for available hotels.
  4. Approval Agent creates an approval request.
  5. Parent Agent consolidates the results.
  6. User receives a single, coherent response.

This illustrates how multiple specialized agents collaborate to complete a complex workflow while each remains focused on its own domain.


Best Practices

  • Design agents around business capabilities rather than departments.
  • Keep each agent focused on a well-defined responsibility.
  • Minimize overlapping responsibilities between agents.
  • Use parent agents to coordinate complex workflows.
  • Reuse connected agents whenever practical.
  • Prefer AI-based routing for complex conversational experiences.
  • Apply the principle of least privilege so each agent has only the permissions it requires.
  • Plan for scalability by allowing agents to evolve independently.

Common Design Mistakes

Avoid these common pitfalls:

  • Creating one “super agent” responsible for every task.
  • Giving multiple agents overlapping responsibilities.
  • Granting excessive permissions to specialized agents.
  • Routing requests solely by keywords when semantic routing is more appropriate.
  • Tightly coupling agents that should be reusable.
  • Failing to define clear ownership for business capabilities.

AB-620 Exam Tips

For the exam, remember these key concepts:

  • A multi-agent solution consists of multiple specialized agents working together.
  • Parent agents coordinate conversations and delegate work.
  • Child agents perform specialized tasks within a solution.
  • Connected agents are independently published and reusable across multiple solutions.
  • Orchestration manages how agents collaborate to fulfill user requests.
  • Design agents around business capabilities, not organizational departments.
  • Use AI-based routing when requests are complex or ambiguous.
  • Keep agents modular, secure, maintainable, and independently scalable.

Advanced Multi-Agent Design Patterns

Once you understand the fundamentals of multi-agent solutions, the next step is learning how to design enterprise-grade architectures. Microsoft expects AI Agent Builders to select appropriate collaboration patterns based on business requirements rather than attempting to solve every problem with a single architecture.


Pattern 1 – Hub-and-Spoke (Recommended)

This is the most common architecture used in Copilot Studio.

                  User
                   │
            Parent Agent
      ┌────────┼────────┐
      │        │        │
   HR Agent IT Agent Finance Agent
      │        │        │
      └────────┼────────┘
          Consolidated Response

Advantages

  • Centralized orchestration
  • Easy governance
  • Simplified security
  • Easy monitoring
  • Scalable
  • Easy to troubleshoot

Typical Uses

  • Enterprise copilots
  • Employee self-service
  • Customer support
  • IT service desks

Pattern 2 – Sequential Workflow

Each agent performs one step before passing work to the next.

Example

User
Travel Agent
Policy Agent
Approval Agent
Booking Agent
User

Best for

  • Approval workflows
  • Procurement
  • Employee onboarding
  • Case management

Pattern 3 – Parallel Processing

Several agents work simultaneously.

               Parent Agent
             /      |      \
         Sales   Inventory  Shipping
             \      |      /
          Combined Response

Benefits

  • Faster responses
  • Independent processing
  • Better user experience

Pattern 4 – Federated Agent Architecture

Different business units own their own agents.

Example

Sales Department

Owns Sales Agent

Finance Department

Owns Finance Agent

HR Department

Owns HR Agent

A parent agent coordinates requests without requiring centralized ownership of every specialized agent.


Agent Communication Lifecycle

Most multi-agent conversations follow this sequence:

Step 1

User submits request.

Step 2

Parent agent interprets intent.

Step 3

Appropriate specialized agent is selected.

Step 4

Context is transferred.

Step 5

Specialized agent completes work.

Step 6

Result returns to parent.

Step 7

Parent formats final response.


Context Sharing

Context refers to the information needed for another agent to complete work.

Examples include:

  • User identity
  • Previous conversation
  • Variables
  • Business data
  • Parameters
  • Selected products
  • Order numbers

Good context sharing reduces duplicate questions and improves user experience.

Example

Without context:

Parent Agent:

“What order number?”

Inventory Agent:

“What order number?”

Shipping Agent:

“What order number?”

Poor experience.


Better

Parent collects:

Order #14567

Passes it automatically to downstream agents.


State Management

State represents information preserved during a conversation.

Examples include:

  • Customer ID
  • Shopping cart
  • Selected location
  • Previous answers
  • Authentication status

Good state management allows conversations to continue naturally.

Example

User:

“I’d like to change my reservation.”

Five minutes later:

“Can you move it to next Tuesday?”

The agent remembers the reservation discussed earlier.


Stateless vs. Stateful Design

StatelessStateful
No memory between requestsMaintains conversation context
Simple implementationMore personalized interactions
Highly scalableSupports complex workflows
Good for APIsGood for conversational agents

Copilot Studio frequently combines both approaches depending on the scenario.


Security Considerations

Every agent should follow the principle of least privilege.

Example

Benefits Agent

Access

✓ Benefits database

✗ Payroll database

✗ Financial records

Finance Agent

Access

✓ Expense reports

✓ Budgets

✗ HR records

This reduces risk and improves compliance.


Authentication

Each specialized agent may authenticate independently.

Possible methods include:

  • Microsoft Entra ID
  • OAuth 2.0
  • Managed identities
  • API Keys (when appropriate)

The parent agent should not automatically inherit unrestricted access to every connected system.


Performance Considerations

Large organizations may operate dozens or even hundreds of specialized agents.

Performance can be improved by:

  • Running independent agents in parallel
  • Caching frequently accessed information
  • Reusing connected agents
  • Avoiding unnecessary delegations
  • Limiting context passed between agents
  • Reducing repeated API calls

Scalability

A good architecture should support future growth.

Instead of:

Parent
One giant agent

Use:

Parent
HR
Finance
Sales
Legal
IT
Marketing
Facilities
Travel
Procurement

New business capabilities can be added without redesigning the entire solution.


Monitoring Multi-Agent Solutions

Enterprise deployments should monitor:

  • Conversation success rate
  • Agent selection accuracy
  • API failures
  • Response times
  • Authentication failures
  • Delegation failures
  • User satisfaction
  • Tool execution success
  • Token usage
  • Error frequency

Monitoring enables continuous improvement and faster troubleshooting.


Troubleshooting Collaboration Issues

Common issues include:

Incorrect Routing

Symptoms

  • Wrong agent selected
  • Irrelevant responses

Solution

Improve routing logic or intent recognition.


Missing Context

Symptoms

  • Users repeatedly answer the same questions.

Solution

Share required variables between agents.


Permission Errors

Symptoms

  • Agent cannot access required resources.

Solution

Review security roles and connector permissions.


Delegation Loops

Symptoms

Agent A

Agent B

Agent A

Agent B

Avoid circular delegation by defining clear ownership and termination conditions.


Slow Performance

Causes

  • Too many API calls
  • Excessive context transfer
  • Sequential execution when parallel processing is possible

Single-Agent vs. Multi-Agent Architecture

Single AgentMulti-Agent
Simple implementationMore flexible
Limited specializationHighly specialized
Harder to scaleScales independently
Large promptSmaller focused prompts
One security modelGranular permissions
Lower maintenance flexibilityIndependent lifecycle management
Good for small solutionsBest for enterprise solutions

Real-World Enterprise Scenario 1

A global manufacturing company deploys:

  • HR Agent
  • Payroll Agent
  • IT Agent
  • Procurement Agent
  • Maintenance Agent

The Enterprise Copilot receives:

“Order a replacement laptop for my new employee.”

Possible workflow:

  1. Parent Agent identifies onboarding request.
  2. HR Agent confirms employee status.
  3. Procurement Agent verifies available hardware.
  4. IT Agent creates deployment ticket.
  5. Parent Agent summarizes results.

No single specialized agent performs every task.


Real-World Enterprise Scenario 2

Customer asks:

“My shipment is late and I’d like a refund.”

Workflow:

Parent Agent

Order Agent

Shipping Agent

Finance Agent

Customer Support Agent

Response returned

Each agent performs one specialized responsibility.


Design Decision Matrix

RequirementRecommended Design
Simple FAQ botSingle agent
Enterprise employee assistantMulti-agent hub-and-spoke
Department specializationConnected agents
Approval workflowsSequential orchestration
Independent business unitsFederated architecture
Large enterprise platformParent with reusable connected agents

Summary

For the AB-620 exam, remember these key points:

  • Multi-agent solutions improve scalability, maintainability, and specialization.
  • Parent agents orchestrate work across specialized agents.
  • Child agents perform delegated tasks within a solution.
  • Connected agents are reusable across multiple solutions.
  • Effective context sharing minimizes repeated user input.
  • State management enables natural, continuous conversations.
  • Security should follow the principle of least privilege.
  • Parallel execution can improve performance.
  • Monitoring and troubleshooting are essential for production deployments.
  • Select an architecture that aligns with business requirements rather than forcing a single design pattern.

Practice Exam Questions

Question 1

A company wants a Copilot solution where HR, Finance, and IT each maintain their own specialized agents while a single enterprise assistant coordinates user requests. Which architecture is most appropriate?

A. Hub-and-spoke multi-agent architecture

B. Single-agent architecture

C. Stateless REST API architecture

D. Batch processing architecture

Answer: A

Explanation: A hub-and-spoke architecture uses a parent agent to coordinate specialized agents, making it ideal for enterprise scenarios where multiple business domains are involved.


Question 2

What is the primary responsibility of a parent agent in a multi-agent solution?

A. Store all enterprise data

B. Replace every specialized agent

C. Orchestrate conversations and delegate work

D. Authenticate every external API directly

Answer: C

Explanation: The parent agent coordinates conversations, selects the appropriate specialized agent, manages context, and returns a unified response.


Question 3

Which design principle helps reduce unnecessary security risks in multi-agent solutions?

A. Shared administrator permissions

B. Principle of least privilege

C. Universal read/write access

D. Anonymous authentication

Answer: B

Explanation: Granting each agent only the permissions it requires minimizes the attack surface and aligns with Microsoft’s security recommendations.


Question 4

A company wants multiple departments to reuse the same Expense Approval agent without duplicating its logic. Which type of agent is most appropriate?

A. Parent agent

B. Temporary agent

C. Stateless agent

D. Connected agent

Answer: D

Explanation: Connected agents are independently published and reusable across multiple solutions or departments.


Question 5

Why is context sharing important between collaborating agents?

A. It encrypts API traffic automatically.

B. It eliminates authentication requirements.

C. It prevents users from repeatedly providing the same information.

D. It replaces business rules.

Answer: C

Explanation: Sharing relevant context improves efficiency and provides a smoother conversational experience.


Question 6

Which collaboration pattern is generally the best choice when several independent tasks can be completed simultaneously?

A. Parallel processing

B. Sequential workflow

C. Single-agent routing

D. Manual delegation

Answer: A

Explanation: Parallel processing reduces overall response time by allowing multiple specialized agents to work concurrently.


Question 7

A conversation requires remembering a reservation number while multiple agents collaborate. Which capability is most important?

A. Stateless routing

B. Keyword matching

C. State management

D. Anonymous access

Answer: C

Explanation: State management preserves important conversation data across interactions and between collaborating agents.


Question 8

Which issue is most likely to occur if agent responsibilities overlap significantly?

A. Improved specialization

B. Easier maintenance

C. Lower API costs

D. Incorrect routing and duplicated functionality

Answer: D

Explanation: Overlapping responsibilities create ambiguity, increase maintenance complexity, and may cause requests to be routed incorrectly.


Question 9

What is the primary advantage of designing specialized agents around business capabilities instead of departments?

A. Reduced conversation quality

B. Clear ownership and easier long-term maintenance

C. Elimination of authentication

D. Guaranteed parallel execution

Answer: B

Explanation: Business capability–based design creates well-defined responsibilities, improving maintainability, scalability, and reuse.


Question 10

A global organization expects to add new AI capabilities every few months. Which architectural characteristic best supports future growth?

A. One large monolithic agent

B. Hard-coded routing rules only

C. Modular multi-agent architecture with independently scalable agents

D. Manual agent switching by users

Answer: C

Explanation: A modular multi-agent architecture allows organizations to add or update specialized agents independently without redesigning the entire solution, making it the preferred enterprise approach.


Go to the AB-620 Exam Prep Hub main page

Plan identity strategy (AB-620 Exam Prep)

This post is a part of the AB-620: Designing and Building Integrated AI Agent Solutions in Copilot Studio Exam Prep Hub.
This topic falls under these sections:
Plan and configure agent solutions (30–35%)
   --> Plan an agent solution
      --> Plan identity strategy


Note that there are 10 practice questions (with answers) at the end of each section to help you solidify your knowledge of the material. Also, there are 4 practice tests with 30 questions each available from the hub's main page below the exam topics section.

Introduction

One of the most important planning activities when designing an AI agent is determining how the agent and its users will be identified, authenticated, and authorized. An effective identity strategy ensures that agents securely access enterprise resources while protecting sensitive organizational data.

In Microsoft Copilot Studio, an identity strategy defines:

  • How users sign in
  • How the agent authenticates to external systems
  • What permissions users and agents receive
  • How identities are managed across enterprise applications
  • How security policies are enforced
  • How compliance requirements are met

Identity planning is closely related to security planning. Before integrating an agent with Microsoft 365, Dynamics 365, SharePoint, Azure AI Search, REST APIs, or other enterprise systems, architects must determine how identities will be established and trusted.

For the AB-620 exam, you should understand the principles of identity management, authentication methods, authorization models, Microsoft Entra ID, delegated versus application permissions, service principals, managed identities, and least-privilege access.


Why an Identity Strategy Is Important

Without a well-designed identity strategy, an AI agent could:

  • Access unauthorized information
  • Perform actions it should not perform
  • Expose sensitive data
  • Violate compliance requirements
  • Create security vulnerabilities
  • Fail to authenticate with enterprise systems

A properly planned identity strategy ensures:

  • Secure user authentication
  • Secure system authentication
  • Appropriate authorization
  • Protection of enterprise resources
  • Regulatory compliance
  • Consistent user experiences

Identity should be planned before any integrations are implemented.


Key Identity Concepts

Understanding several core identity concepts is essential.

Identity

An identity represents a person, application, service, or device.

Examples include:

  • Employee
  • Customer
  • Administrator
  • AI agent
  • Service account
  • Application

Every identity has unique characteristics that distinguish it from others.


Authentication

Authentication answers the question:

Who are you?

Authentication verifies the identity of a user or application before granting access.

Common authentication methods include:

  • Username and password
  • Multi-factor authentication (MFA)
  • OAuth 2.0
  • OpenID Connect
  • Microsoft Entra ID sign-in
  • Certificate-based authentication

Successful authentication establishes trust.


Authorization

Authorization answers the question:

What are you allowed to do?

After authentication, authorization determines which resources the identity can access.

Examples:

  • View customer records
  • Create support tickets
  • Modify invoices
  • Delete files
  • Approve purchase requests

Authentication occurs first; authorization occurs second.


Microsoft Entra ID

Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based identity and access management service.

It provides:

  • User authentication
  • Single Sign-On (SSO)
  • Conditional Access
  • Identity governance
  • Application registration
  • OAuth authorization
  • Enterprise identity management

Most enterprise Copilot Studio solutions use Microsoft Entra ID as their identity provider.


Single Sign-On (SSO)

Single Sign-On allows users to authenticate once and access multiple applications without repeatedly entering credentials.

Benefits include:

  • Better user experience
  • Reduced password fatigue
  • Improved security
  • Simplified administration

Example:

A user signs into Microsoft 365 and can then access a Copilot Studio agent, SharePoint, Outlook, and Dynamics 365 without additional sign-ins.


Multi-Factor Authentication (MFA)

MFA requires users to provide two or more forms of verification.

Examples include:

  • Password
  • Mobile authentication app
  • Text message
  • Hardware token
  • Biometric verification

MFA significantly reduces the risk of compromised credentials.

Organizations commonly require MFA for AI agents accessing sensitive business systems.


Delegated Permissions

Delegated permissions allow an application or agent to perform actions on behalf of a signed-in user.

The agent can only perform actions that the user is already authorized to perform.

Example:

An employee asks:

“Show me my support tickets.”

The agent retrieves only that employee’s tickets because it uses the employee’s delegated permissions.

Advantages:

  • User-specific security
  • Respects existing permissions
  • Simplifies auditing

Application Permissions

Application permissions allow an application to access resources independently of a signed-in user.

The application acts using its own identity.

Example:

A scheduled AI process updates inventory overnight.

No user is signed in.

The application authenticates using its own credentials.

Application permissions are common for background services and automation.


Service Principals

A service principal is the security identity created for an application within Microsoft Entra ID.

Rather than using a user account, applications authenticate using their own service principal.

Benefits include:

  • Secure application identity
  • Better auditing
  • Easier permission management
  • Reduced reliance on user accounts

Many enterprise integrations use service principals.


Managed Identities

Managed identities provide Azure services with automatically managed identities in Microsoft Entra ID.

Advantages include:

  • No password management
  • No stored credentials
  • Automatic credential rotation
  • Simplified security

Managed identities are recommended for Azure-hosted services whenever supported.


OAuth 2.0

OAuth 2.0 is the primary authorization framework used by many Microsoft services and external APIs.

Rather than sharing passwords, OAuth issues access tokens.

Typical OAuth flow:

  1. User signs in.
  2. Identity provider authenticates the user.
  3. An access token is issued.
  4. The agent presents the token to the target service.
  5. The service validates the token and authorizes access.

OAuth improves security by avoiding direct password sharing.


Access Tokens

An access token is a temporary credential issued after successful authentication.

Tokens contain information such as:

  • User identity
  • Application identity
  • Granted permissions (scopes)
  • Expiration time

Because tokens expire, they reduce the risk associated with stolen credentials.


Identity Providers

An identity provider (IdP) authenticates users and applications.

Examples include:

  • Microsoft Entra ID
  • Active Directory Federation Services (AD FS)
  • External OAuth providers
  • OpenID Connect providers

The identity provider establishes trust between the user and enterprise applications.


Planning Authentication for Enterprise Integrations

Every enterprise integration requires an authentication strategy.

Examples:

SystemTypical Authentication Method
Microsoft 365Microsoft Entra ID
Dynamics 365Microsoft Entra ID
SharePointMicrosoft Entra ID
Azure AI SearchMicrosoft Entra ID or API key
REST APIsOAuth, API key, or certificate
Custom applicationsOAuth or custom authentication

Architects should choose authentication methods supported by both Copilot Studio and the target system.


API Keys

Some external systems authenticate using API keys.

Advantages:

  • Simple implementation
  • Common with third-party APIs

Disadvantages:

  • Harder to rotate securely
  • Less granular permissions
  • Must be protected carefully

Whenever possible, OAuth is generally preferred over API keys because it provides stronger security and more flexible authorization.


Conditional Access

Conditional Access allows organizations to apply security policies based on specific conditions.

Policies may evaluate:

  • User identity
  • Device compliance
  • Geographic location
  • Risk level
  • Application
  • Network location

Examples:

  • Require MFA outside the corporate network.
  • Block access from high-risk countries.
  • Require managed devices for sensitive applications.

Conditional Access enhances security without changing application logic.


Least Privilege Principle

One of the most important identity planning principles is least privilege.

Grant only the permissions necessary to perform required tasks.

For example:

Instead of allowing an agent to modify every customer record, grant permission only to update support case statuses if that is all the agent requires.

Benefits include:

  • Reduced attack surface
  • Lower risk of accidental changes
  • Improved compliance
  • Easier auditing

Role-Based Access Control (RBAC)

RBAC assigns permissions based on roles instead of individual users.

Examples of roles:

  • Sales Representative
  • HR Manager
  • Finance Administrator
  • Customer Service Agent

The AI agent inherits permissions associated with the user’s assigned role.

RBAC simplifies administration and supports consistent security.


Identity for Multi-Agent Solutions

In multi-agent architectures, each agent may have its own identity and permissions.

Example:

  • HR agent accesses HR systems only.
  • Finance agent accesses accounting systems only.
  • IT agent accesses service management systems only.

Separating identities improves:

  • Security
  • Auditing
  • Governance
  • Maintainability

Avoid using one highly privileged identity for every agent.


Identity and Enterprise Knowledge

When agents retrieve enterprise knowledge from sources such as SharePoint or Azure AI Search, identity determines which documents users can access.

For example:

An HR employee may see personnel policies, while a sales employee sees only sales documentation.

Identity-aware retrieval helps ensure that users receive only the information they are authorized to access.


Compliance Considerations

Identity strategies often support compliance with organizational and regulatory requirements.

Examples include:

  • Audit logging
  • User accountability
  • Access reviews
  • Data protection
  • Separation of duties
  • Identity governance

Strong identity management helps organizations satisfy security and compliance standards.


Common Identity Planning Mistakes

Avoid these common mistakes:

  • Using shared user accounts for applications
  • Granting excessive permissions
  • Ignoring MFA requirements
  • Hardcoding credentials in applications
  • Failing to rotate API keys
  • Choosing application permissions when delegated permissions are sufficient
  • Forgetting Conditional Access requirements
  • Not documenting identity architecture
  • Giving every agent identical permissions

Best Practices

When planning an identity strategy:

  • Use Microsoft Entra ID whenever possible.
  • Enable Single Sign-On for a seamless user experience.
  • Require Multi-Factor Authentication for sensitive resources.
  • Prefer delegated permissions for user-driven interactions.
  • Use application permissions only when necessary.
  • Use managed identities for Azure-hosted services.
  • Apply the principle of least privilege.
  • Implement Role-Based Access Control.
  • Use OAuth instead of API keys whenever supported.
  • Separate identities for different agents and services.
  • Monitor authentication failures and access logs regularly.

Exam Tips

For the AB-620 exam, remember these key points:

  • Authentication verifies identity; authorization determines permissions.
  • Microsoft Entra ID is the primary identity provider for Microsoft cloud services.
  • Single Sign-On improves both usability and security.
  • MFA adds an additional layer of protection.
  • Delegated permissions operate on behalf of a signed-in user.
  • Application permissions allow applications to act independently.
  • Managed identities eliminate the need to manage credentials for Azure services.
  • Service principals represent applications in Microsoft Entra ID.
  • OAuth is generally preferred over API keys.
  • Always apply the principle of least privilege.

Practice Exam Questions

Question 1

A company wants its AI agent to access Microsoft 365 resources using the identity of the signed-in employee. Which permission model should be used?

A. Application permissions

B. Delegated permissions

C. Anonymous access

D. API key authentication

Correct Answer: B

Explanation: Delegated permissions allow the AI agent to perform actions on behalf of the signed-in user and respect that user’s existing permissions.


Question 2

What is the primary purpose of authentication?

A. Determine which resources a user can modify

B. Encrypt all enterprise data

C. Verify the identity of a user or application

D. Record audit logs

Correct Answer: C

Explanation: Authentication establishes who the user or application is before access decisions are made. Authorization determines what the authenticated identity can access.


Question 3

An Azure-hosted service needs to authenticate to Azure resources without storing passwords or secrets. Which identity solution is recommended?

A. Managed identity

B. API key

C. Shared service account

D. Username and password

Correct Answer: A

Explanation: Managed identities automatically manage credentials for Azure services, eliminating the need to store or rotate secrets.


Question 4

Which Microsoft service is the primary identity provider for Microsoft cloud applications and Copilot Studio integrations?

A. Azure AI Search

B. Microsoft Defender for Cloud

C. Microsoft Dataverse

D. Microsoft Entra ID

Correct Answer: D

Explanation: Microsoft Entra ID provides authentication, authorization, Single Sign-On, Conditional Access, and identity management for Microsoft cloud services.


Question 5

A background process updates inventory records every night without any user interaction. Which permission model is most appropriate?

A. Delegated permissions

B. Anonymous authentication

C. Application permissions

D. Guest user permissions

Correct Answer: C

Explanation: Application permissions allow applications to operate independently of a signed-in user, making them appropriate for scheduled or automated processes.


Question 6

Which security principle recommends granting only the permissions required to perform a specific task?

A. Defense in depth

B. Separation of duties

C. Zero Trust

D. Least privilege

Correct Answer: D

Explanation: The principle of least privilege minimizes security risks by limiting permissions to only those necessary for the required operations.


Question 7

Which authentication mechanism is generally preferred over API keys because it provides temporary access tokens and granular authorization?

A. Basic Authentication

B. OAuth 2.0

C. NTLM

D. Windows Authentication

Correct Answer: B

Explanation: OAuth 2.0 issues temporary access tokens instead of sharing passwords and supports fine-grained authorization scopes.


Question 8

What is the primary benefit of Single Sign-On (SSO)?

A. It permanently stores user credentials in every application.

B. It replaces authorization policies.

C. It allows users to authenticate once and access multiple trusted applications.

D. It eliminates the need for user identities.

Correct Answer: C

Explanation: Single Sign-On improves user experience and security by allowing one authentication session to provide access to multiple authorized applications.


Question 9

What is the purpose of a service principal in Microsoft Entra ID?

A. It represents an application or service as a security identity.

B. It stores enterprise knowledge for AI agents.

C. It replaces Conditional Access policies.

D. It creates Power Automate workflows.

Correct Answer: A

Explanation: A service principal is the identity used by an application or service to authenticate and access resources securely in Microsoft Entra ID.


Question 10

An organization requires users connecting from unmanaged devices to complete additional verification before accessing sensitive AI agents. Which capability addresses this requirement?

A. Role-Based Access Control

B. Managed identities

C. Conditional Access

D. Delegated permissions

Correct Answer: C

Explanation: Conditional Access evaluates conditions such as device compliance, location, and risk level to enforce security requirements like Multi-Factor Authentication before granting access.


Go to the AB-620 Exam Prep Hub main page

Implement orchestrated multi-agent solutions (AI-103 Exam Prep)

This post is a part of the AI-103: Develop AI Apps and Agents on Azure Exam Prep Hub. 
This topic falls under these sections:
Implement generative AI and agentic solutions (30–35%)
--> Build agents by using Foundry
--> Implement orchestrated multi-agent solutions


Note that there are 10 practice questions (with answers and explanations) at the end of each section to help you solidify your knowledge of the material. Also, there are 2 practice tests with 60 questions each available from the hub's main page below the exam topics section.

Introduction

As AI systems become more advanced, organizations increasingly use multiple AI agents working together rather than relying on a single monolithic model.

Multi-agent systems allow specialized agents to:

  • Collaborate
  • Delegate tasks
  • Share information
  • Coordinate workflows
  • Solve complex business problems

Azure AI Foundry provides orchestration capabilities that enable developers to design and implement coordinated multi-agent architectures.

For the AI-103: Develop AI Apps and Agents on Azure certification exam, understanding orchestrated multi-agent solutions is an important skill area.


What Is a Multi-Agent System?

A multi-agent system consists of:

  • Multiple AI agents
  • Coordinated workflows
  • Shared objectives
  • Task delegation mechanisms
  • Communication pathways

Each agent typically performs a specialized role.


Why Use Multi-Agent Architectures?

Multi-agent systems improve:

  • Scalability
  • Modularity
  • Specialization
  • Reliability
  • Workflow efficiency

Single-Agent vs Multi-Agent Systems

Single-Agent Systems

Single-agent systems:

  • Handle all responsibilities centrally
  • Use one model for all tasks
  • Are simpler to implement

However, they may struggle with:

  • Complex workflows
  • Large-scale orchestration
  • Specialized reasoning

Multi-Agent Systems

Multi-agent systems:

  • Separate responsibilities
  • Assign specialized tasks
  • Coordinate multiple workflows
  • Improve maintainability

Common Multi-Agent Roles

Examples of specialized agents include:

  • Research agents
  • Retrieval agents
  • Planning agents
  • Coding agents
  • Compliance agents
  • Validation agents
  • Summarization agents
  • Customer support agents

Agent Specialization

Specialized agents often outperform general-purpose agents because:

  • Prompts can be optimized
  • Tools can be restricted
  • Workflows become more focused
  • Context becomes more manageable

Orchestration

Orchestration coordinates:

  • Agent communication
  • Task delegation
  • Workflow sequencing
  • State management
  • Tool usage

What Is an Orchestrator?

An orchestrator is a coordinating component that:

  • Routes tasks
  • Selects agents
  • Manages workflows
  • Tracks execution state
  • Aggregates outputs

Centralized Orchestration

In centralized orchestration:

  • One orchestrator controls workflows
  • Agents report to a central controller
  • Execution is easier to monitor

Decentralized Orchestration

In decentralized orchestration:

  • Agents communicate directly
  • Coordination is distributed
  • Systems may scale more dynamically

Hierarchical Agent Systems

Hierarchical systems use:

  • Supervisor agents
  • Worker agents
  • Nested workflows

The supervisor assigns and validates tasks.


Agent Communication

Agents communicate by:

  • Passing messages
  • Sharing outputs
  • Updating workflow state
  • Exchanging structured data

Shared Context

Multi-agent systems may share:

  • Conversation history
  • Retrieved documents
  • Task state
  • Memory stores
  • Workflow variables

Conversation State Management

State management tracks:

  • Current workflow stage
  • Completed actions
  • Pending tasks
  • Agent outputs

Workflow Coordination

Workflow coordination defines:

  • Execution order
  • Conditional branching
  • Retry behavior
  • Escalation logic

Sequential Workflows

Sequential workflows execute agents in order.

Example:

  1. Retrieval agent
  2. Validation agent
  3. Summarization agent
  4. Approval agent

Parallel Workflows

Parallel workflows allow multiple agents to:

  • Execute simultaneously
  • Process independent tasks
  • Improve performance

Conditional Workflows

Conditional workflows branch based on:

  • User input
  • Confidence scores
  • Validation results
  • Business rules

Dynamic Routing

Dynamic routing enables orchestrators to:

  • Select agents at runtime
  • Adapt workflows dynamically
  • Optimize execution paths

Planning Agents

Planning agents:

  • Break tasks into subtasks
  • Determine execution order
  • Coordinate tool usage
  • Guide workflow progression

Task Delegation

Task delegation assigns work to specialized agents.

Examples:

  • Retrieval tasks
  • Compliance validation
  • Data analysis
  • Report generation

Tool-Augmented Multi-Agent Systems

Agents may use tools such as:

  • APIs
  • Search systems
  • Databases
  • Workflow engines
  • Custom functions

Retrieval Agents

Retrieval agents specialize in:

  • Searching enterprise data
  • Retrieving documents
  • Querying vector stores
  • Performing semantic search

Validation Agents

Validation agents may:

  • Detect hallucinations
  • Verify citations
  • Enforce compliance
  • Apply safety checks

Compliance Agents

Compliance agents help enforce:

  • Regulatory requirements
  • Security policies
  • Governance standards
  • Responsible AI rules

Human-in-the-Loop Systems

Some workflows require:

  • Human approval
  • Escalation review
  • Manual validation

before execution continues.


Memory in Multi-Agent Systems

Agents may use:

  • Short-term memory
  • Long-term memory
  • Shared memory
  • Retrieval-based memory

Shared Memory Systems

Shared memory allows agents to:

  • Access common information
  • Coordinate tasks
  • Maintain consistency

Long-Term Memory

Long-term memory stores:

  • Historical interactions
  • User preferences
  • Prior workflow results
  • Persistent context

Vector Memory

Vector memory uses embeddings to:

  • Store semantic information
  • Retrieve relevant history
  • Improve contextual continuity

Retrieval-Augmented Multi-Agent Systems

Multi-agent systems often integrate:

  • Azure AI Search
  • Vector search
  • Semantic retrieval
  • Grounding pipelines

Azure AI Search in Multi-Agent Systems

Azure AI Search supports:

  • Hybrid search
  • Semantic ranking
  • Vector indexing
  • Enterprise retrieval

Grounded Agent Responses

Grounded systems use retrieved evidence to:

  • Improve factual accuracy
  • Reduce hallucinations
  • Increase trustworthiness

Multi-Agent Reasoning

Complex reasoning may involve:

  • Planning agents
  • Research agents
  • Verification agents
  • Synthesis agents

working together.


Example Multi-Agent Workflow

Enterprise Research Assistant

Workflow:

  1. Planner agent analyzes user request
  2. Retrieval agent searches enterprise documents
  3. Research agent summarizes findings
  4. Validation agent checks citations
  5. Compliance agent reviews policy concerns
  6. Final response agent generates answer

Multi-Agent Coordination Challenges

Challenges include:

  • State synchronization
  • Latency
  • Tool conflicts
  • Redundant work
  • Workflow complexity

Latency Management

Latency can increase because:

  • Multiple agents execute sequentially
  • Retrieval systems add overhead
  • APIs require network calls

Optimization Strategies

Optimization techniques include:

  • Parallel execution
  • Response caching
  • Efficient retrieval
  • Selective tool invocation
  • Lightweight models for subtasks

Small Models in Multi-Agent Systems

Smaller models may handle:

  • Classification
  • Routing
  • Validation
  • Tool selection

while larger models perform complex reasoning.


Cost Optimization

Organizations may reduce costs by:

  • Using specialized lightweight agents
  • Limiting unnecessary tool calls
  • Reducing prompt size
  • Caching retrieval results

Monitoring Multi-Agent Systems

Monitoring should include:

  • Agent performance
  • Workflow success rates
  • Latency
  • Tool failures
  • Retrieval quality
  • Safety events

Logging and Traceability

Logs should capture:

  • Agent decisions
  • Tool invocations
  • Retrieval outputs
  • Workflow paths
  • Human approvals

Observability

Observability enables teams to:

  • Diagnose failures
  • Analyze workflows
  • Improve orchestration
  • Monitor reasoning quality

Security Considerations

Multi-agent systems require:

  • Authentication
  • Authorization
  • Role-based access control (RBAC)
  • Managed identities
  • Secure tool access

Least Privilege Access

Each agent should receive:

  • Only required permissions
  • Restricted tool access
  • Scoped credentials

Responsible AI Considerations

Organizations should implement:

  • Safety filters
  • Approval workflows
  • Oversight controls
  • Audit logging
  • Content moderation

Failure Recovery

Recovery mechanisms may include:

  • Retries
  • Escalation paths
  • Fallback agents
  • Human intervention

Agent Evaluation

Organizations should evaluate:

  • Task completion accuracy
  • Hallucination rates
  • Retrieval quality
  • Workflow reliability
  • Safety compliance

Azure AI Foundry and Multi-Agent Solutions

Azure AI Foundry supports:

  • Agent development
  • Tool integration
  • Workflow orchestration
  • Model deployment
  • Retrieval integration
  • Monitoring and evaluation

Common AI-103 Exam Tips

Understand Agent Roles

Know how specialized agents:

  • Coordinate
  • Delegate tasks
  • Use tools
  • Share context

Understand Orchestration Patterns

Know:

  • Sequential workflows
  • Parallel workflows
  • Hierarchical systems
  • Dynamic routing

Learn Retrieval Integration

Understand:

  • Azure AI Search
  • RAG
  • Vector search
  • Embeddings
  • Grounding

Learn Monitoring Concepts

Understand:

  • Trace logging
  • Workflow monitoring
  • Observability
  • Safety monitoring

Summary

Orchestrated multi-agent systems enable:

  • Specialized AI workflows
  • Coordinated reasoning
  • Tool integration
  • Enterprise-scale automation

For the AI-103 exam, you should understand:

  • Multi-agent architectures
  • Agent orchestration
  • Workflow coordination
  • Task delegation
  • Shared memory
  • Retrieval integration
  • Planning agents
  • Validation agents
  • Compliance workflows
  • Dynamic routing
  • Monitoring and observability
  • Responsible AI controls

These concepts are foundational for enterprise AI agent development in Azure AI Foundry.


Practice Exam Questions

Question 1

What is a primary advantage of multi-agent systems?

A. Elimination of workflows
B. Agent specialization and task coordination
C. Removal of retrieval systems
D. Elimination of APIs

Answer

B. Agent specialization and task coordination

Explanation

Multi-agent systems improve modularity and specialization.


Question 2

What is the role of an orchestrator in a multi-agent system?

A. Replace all agents
B. Coordinate workflows and manage execution
C. Disable APIs
D. Eliminate memory usage

Answer

B. Coordinate workflows and manage execution

Explanation

Orchestrators route tasks and coordinate agent interactions.


Question 3

Which workflow type allows multiple agents to execute simultaneously?

A. Sequential workflow
B. Parallel workflow
C. Static workflow
D. Manual workflow

Answer

B. Parallel workflow

Explanation

Parallel workflows improve performance by enabling concurrent execution.


Question 4

What is a common role for a retrieval agent?

A. GPU maintenance
B. Searching enterprise knowledge sources
C. Managing DNS records
D. Updating operating systems

Answer

B. Searching enterprise knowledge sources

Explanation

Retrieval agents specialize in search and document retrieval.


Question 5

Why are validation agents useful?

A. They eliminate monitoring
B. They verify outputs and reduce hallucinations
C. They remove orchestration logic
D. They disable APIs

Answer

B. They verify outputs and reduce hallucinations

Explanation

Validation agents improve reliability and compliance.


Question 6

What is shared memory in a multi-agent system?

A. A GPU cache
B. A common context accessible by multiple agents
C. A networking appliance
D. A firewall rule set

Answer

B. A common context accessible by multiple agents

Explanation

Shared memory improves coordination between agents.


Question 7

Which Azure service is commonly used for enterprise retrieval in multi-agent systems?

A. Azure AI Search
B. Azure Backup
C. Azure Monitor Agent
D. Azure VPN Gateway

Answer

A. Azure AI Search

Explanation

Azure AI Search supports semantic, vector, and hybrid retrieval.


Question 8

What is dynamic routing?

A. Static API configuration
B. Selecting agents at runtime based on workflow needs
C. Replacing retrieval systems
D. Eliminating orchestrators

Answer

B. Selecting agents at runtime based on workflow needs

Explanation

Dynamic routing enables adaptive workflows.


Question 9

Why might organizations use small models in multi-agent systems?

A. To increase hallucinations
B. To reduce cost and handle lightweight subtasks
C. To eliminate orchestration
D. To disable memory

Answer

B. To reduce cost and handle lightweight subtasks

Explanation

Small models are efficient for routing and classification tasks.


Question 10

What should organizations monitor in multi-agent solutions?

A. Only GPU temperatures
B. Workflow reliability, retrieval quality, latency, and safety events
C. Only token counts
D. Only firewall rules

Answer

B. Workflow reliability, retrieval quality, latency, and safety events

Explanation

Monitoring ensures reliable and safe multi-agent operations.


Go to the AI-103 Exam Prep Hub main page