Federated MCP Connectors Land in GA — and Anthropic Follows

Federated Copilot Connectors Are GA — Read the Fine Print Before You Open the Floodgates

The signal that matters most this week: Microsoft 365 Roadmap item 501120 confirms General Availability for federated Copilot connectors. These let Copilot reach third-party data sources in real time over the Model Context Protocol, without storing or indexing that data in Microsoft's services. The user's own identity handles the access; no shadow copy lands in your tenant.

That architecture detail is the whole story for governance purposes. The risk surface shifts from "what did Microsoft ingest on my behalf" to "which connectors did my admins approve, and what can a user's identity actually reach at query time." On a 15,000-seat tenant with SharePoint, Salesforce, and ServiceNow all in scope, those are three different data-estate conversations you need to have before connectors go live. The Microsoft 365 admin center carries the enable/disable controls per connector. Lock that down before your change-management window opens, not after.

What to do: Pull your current connector inventory in the M365 admin center now. Map each connector candidate to a data owner and a sensitivity classification. Federated connectors that touch anything labeled Confidential or higher need an explicit approval gate — not a default-on posture.

---

Anthropic Model Access Inside M365 Copilot Now Has an Admin Dial

Two roadmap items shipped together and they're worth reading as a pair.

Roadmap item 557371 gave IT admins the ability to enable Anthropic as a model provider scoped to specific users and groups — not tenant-wide. That's a meaningful governance lever. You can run a Claude pilot with your engineering org while the rest of the tenant stays on the default model stack.

Roadmap item 558443 extends this into PowerPoint specifically: Copilot-licensed users can now select between OpenAI and Anthropic models when creating or editing presentations. Both items carried an April 2026 GA date.

For clients where we're running parallel Anthropic and Microsoft Copilot deployments, this closes a gap we've been working around. Previously, getting Claude-class reasoning into the M365 surface required a separate browser or API workflow. Now the model choice lives inside the familiar PowerPoint UX, gated by the admin controls in item 557371.

What to do: If you have an Anthropic enterprise agreement already in place, get the model-provider toggle mapped to a pilot group before broader rollout. If you don't, this is a reasonable trigger to start that conversation — the licensing and data-handling terms differ from the OpenAI path, and you want those resolved before a VP asks why their Copilot looks different from a colleague's.

---

Two Purview DLP Expansions — One Shipped, One Incoming

Sensitivity Labels Across All Storage Locations (GA: April 2026)

Roadmap item 557255 closes a gap that caused real headaches in regulated-industry deployments: the DLP policy blocking Copilot from processing sensitive files now applies regardless of where those files live. Previously, files outside SharePoint Online — think OneDrive sync'd folders, Teams channel files in certain configurations — could slip through. That inconsistency is gone.

If your Purview DLP posture was built assuming SharePoint as the sole enforcement boundary, audit that now. Files your users moved to local sync roots may have been accessible to Copilot in ways your policy intent didn't cover.

Web Search DLP for Copilot (Preview: June 2026, GA: July 2026)

Roadmap item 548671 is worth flagging even though it's two months out. Microsoft is extending Purview DLP to intercept Copilot web searches that contain sensitive data — blocking the query before it leaves the tenant boundary. This covers both M365 Copilot and agents built in Copilot Studio published to the M365 surface.

The practical scenario this addresses: a user pastes a contract clause or a customer identifier into a Copilot prompt, Copilot tries to web-search for context, and that string exits your tenant uncontrolled. That's the vector. Preview opens in June; if you're in a healthcare or financial services environment, you want to be in that preview cohort on day one.

What to do: Confirm April's sensitivity-label DLP expansion is active in your tenant — check your DLP policy scope settings. For the web search control, register your compliance team's interest in the preview now so you're not waiting on a waitlist in June.

---

Cloudflare Agent Cloud and OpenAI: A Platform Bet Worth Watching

OpenAI's announcement with Cloudflare brings GPT-5.4 and Codex into Cloudflare's Agent Cloud infrastructure. The frame is speed and edge-proximity for agentic workloads — agents that need low-latency tool calls and don't want the round-trip overhead of a centralized API endpoint.

This doesn't directly affect clients running inside the Microsoft stack, but it matters for clients where we're building container-based agent runtimes outside M365. Cloudflare's network as an agent execution layer is a serious architectural option, and GPT-5.4 availability there changes the compute siting conversation. If you've been defaulting to Azure-hosted agents purely for proximity to your OpenAI API quota, this is worth a second look.

What to do: If you have an active agentic architecture engagement with us, put Cloudflare Agent Cloud on the options matrix for your next design review. The edge-siting tradeoffs are real and the latency profile may suit certain tool-heavy agent patterns better than a centralized Azure deployment.

---

Watch next week for any Copilot Studio governance updates that extend the web-search DLP controls to non-M365 published agents — that's the boundary that still isn't covered by item 548671, and it's the one most likely to catch custom-built studio agents off guard.