MT.1114 - AI agents should require user authentication
Overview
AI agents should require user authentication with sign-in enforced.
This test flags two issues:
- No authentication: Agents configured without any authentication allow anonymous access.
- Sign-in not required: Agents with authentication configured but "Require users to sign in" toggled off. This means users can interact with the agent without authenticating, undermining the auth configuration.
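The two conditions above, applied to an agent inventory as an added example (this is not Maester's own test code). The sample records are constructed, and the property names `Name`, `AuthMode` and `RequireSignIn` are hypothetical stand-ins rather than the schema Copilot Studio or Maester uses.

```powershell
# Constructed sample inventory. The property names (Name, AuthMode, RequireSignIn)
# are hypothetical and do not reflect the schema Maester or Copilot Studio uses.
$agents = @(
    [pscustomobject]@{ Name = 'HR Helper';      AuthMode = 'None';      RequireSignIn = $false }
    [pscustomobject]@{ Name = 'IT Service Bot'; AuthMode = 'Microsoft'; RequireSignIn = $true  }
    [pscustomobject]@{ Name = 'Sales FAQ';      AuthMode = 'Manual';    RequireSignIn = $false }
    [pscustomobject]@{ Name = 'Legacy Bot';     AuthMode = $null;       RequireSignIn = $null  }
)

function Get-AgentAuthFinding {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [pscustomobject]$Agent
    )
    process {
        # Assumption of this example: a missing or empty mode counts as
        # "no authentication", so gaps in the export fail closed.
        $hasAuth = -not [string]::IsNullOrWhiteSpace($Agent.AuthMode) -and
                   $Agent.AuthMode -ne 'None'

        $issue = if (-not $hasAuth) {
            'No authentication'
        } elseif ($Agent.RequireSignIn -ne $true) {
            # Authentication is configured, but users can still chat anonymously.
            'Sign-in not required'
        } else {
            $null
        }

        if ($issue) {
            [pscustomobject]@{ Agent = $Agent.Name; Issue = $issue; AuthMode = $Agent.AuthMode }
        }
    }
}

# Collect findings for every agent and report them grouped by issue type.
$findings = @($agents | Get-AgentAuthFinding)
$findings | Sort-Object Issue, Agent | Format-Table -AutoSize

if ($findings.Count -gt 0) {
    Write-Warning "$($findings.Count) of $($agents.Count) agents fail the authentication check."
}
```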
How to fix
- In Copilot Studio, open the agent settings and configure authentication to use "Authenticate with Microsoft" or "Authenticate manually".
- Enable "Require users to sign in" to ensure every user authenticates before interacting with the agent.
Learn more: Configure user authentication in Copilot Studio
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1114 |
| Severity | High |
| Suite | Maester |
| Category | AIAgent |
| PowerShell test | Test-MtAIAgentNoAuthentication |
| Tags | AIAgent, CopilotStudio, MT.1114 |
Source
- Pester test: tests/Maester/AIAgent/Test-AIAgentSecurity.Tests.ps1
- PowerShell source: powershell/public/maester/aiagent/Test-MtAIAgentNoAuthentication.ps1