Agent 365 License Cutoff — Copilot Studio and Foundry Agent Security Now Requires Paid Licensing
Microsoft has enforced the Agent 365 license cutoff, ending the free trial period for security and compliance features in Copilot Studio and Azure AI Foundry agents. Enterprises that have been running agents in production or extended pilots under the trial entitlements now face a billing decision with immediate operational consequences. Understanding what the license tiers cover, what the cost structure looks like, and how to plan your agent deployment budget is the critical immediate action item for every enterprise running Microsoft agents today.
What Changed at the Cutoff Date
Prior to the cutoff, Microsoft offered a trial period during which security and compliance features for Copilot Studio agents and Foundry-built agents were available without requiring the Agent 365 license add-on. That trial period has ended. Agents that relied on trial entitlements for DLP policy enforcement, audit logging, Microsoft Purview integration, and compliance-scoped data handling are now operating either against a paid license or in a degraded state where those security features are inactive.
The distinction between free trial agents and production-licensed agents is not cosmetic. A trial agent running without an active Agent 365 license in a production environment is operating without the DLP guardrails and audit trails that your compliance posture likely requires. Regulated industries — financial services, healthcare, government — cannot treat this as an optional upgrade. The security and compliance features gated behind the paid license are the features that make agent deployments legally defensible.
What the License Tiers Cover
The Agent 365 licensing structure covers three primary capability categories. Data Loss Prevention integration allows agents to be governed by existing Purview DLP policies, preventing agents from surfacing or transmitting data that violates your organisation's data handling rules. This is the equivalent of extending your existing email and Teams DLP policies into the agent conversation and action layer. Without it, agents operate outside your DLP boundary — a significant compliance gap for any organisation with regulated data.
Audit logging under the paid tier provides full conversation and action audit trails routed through Purview Audit. Every agent invocation, every tool call, every data access, and every user interaction is logged to the compliance-grade audit system. In a trial configuration, logging may be partial or stored only in diagnostic logs rather than compliance-grade audit records. The distinction matters for legal holds, regulatory examination responses, and internal audit reviews.
Purview integration at the paid tier extends sensitivity label enforcement into agent interactions. Agents can read and respect sensitivity labels on documents and data they access, preventing agents from summarising or forwarding content that is labelled as confidential or highly restricted. This is a capability that most organisations already rely on for human user document access — extending it to agents is the same control applied consistently across the access surface.
Cost Implications for Enterprise Agent Deployments
The Agent 365 license is an add-on to existing M365 E3 or E5 licensing. Per-user pricing applies to users who interact with agents, not to the agents themselves — meaning the cost scales with your active user population, not your agent count. For enterprises with large user bases, this can be a significant incremental cost. The cost planning exercise requires mapping which users interact with which agents and whether those interactions involve regulated data or compliance-relevant workflows.
The calculus changes significantly if you are already on M365 E5 Compliance. Some Agent 365 security features are included in the E5 Compliance bundle rather than requiring a separate add-on purchase. Architecture teams should audit their existing licensing tier before purchasing Agent 365 add-ons to avoid paying twice for overlapping entitlements.
What Architects Need to Plan For
- License audit now: Identify every Copilot Studio and Foundry agent currently running in production or near-production and verify their license status before the cutoff impacts their security posture
- Tier selection: Map required security features to license tiers — not all features require the highest tier, and over-licensing adds unnecessary cost
- Budget inclusion: Every agent deployment budget for FY2027 must include Agent 365 licensing in the cost model — this is now a fixed cost of production agent deployment, not an optional add-on
- Purview readiness: If your organisation does not have Purview DLP policies and sensitivity labels deployed, the Agent 365 security features will not function correctly — the agent license assumes Purview is operational
Key Takeaways
- The Agent 365 cutoff is a hard enforcement event — agents relying on trial entitlements for DLP, audit, and Purview integration are now operating in a degraded compliance posture
- DLP, audit logging, and sensitivity label enforcement are the three core security capabilities behind the paid license — all three are typically required for regulated industry deployments
- Cost scales with user population, not agent count — budget planning must model active user interaction volumes
- M365 E5 Compliance customers may have partial coverage already — audit existing entitlements before purchasing add-ons
- Include Agent 365 licensing as a fixed line item in every future agent deployment business case — it is no longer optional for production workloads


