Connect Copilot Studio to Dataverse MCP across environments

Did you know that the built-in Dataverse MCP tool in Copilot Studio only sees the environment your agent lives in? If your business data sits in a different environment (very common in hub-and-spoke topologies), you need a custom MCP connector — and the very first call is expected to fail until access is approved.

Why the built-in tool isn’t enough

When you add the native Dataverse MCP tool, it runs against the agent’s home environment. It’s quick to set up, but it can’t reach a Dataverse instance in another environment, even within the same tenant. That’s by design: cross-environment access has to be explicitly granted, and the only supported path is OAuth + an app user with scoped permissions.

The cross-environment pattern

The working setup has three pieces:

1. Entra ID app registration (OAuth)
   • Create an app registration in Entra ID for the agent.
   • Grant Dataverse user_impersonation and configure a redirect URI for the custom connector.
   • Generate a client secret (or, better, use a federated credential / managed identity if your topology supports it).
2. Dataverse Application User in the target environment
   • In the target environment’s Power Platform admin center → Settings → Users → Application users, add a new app user mapped to the registration’s client ID.
   • Assign only the security roles your agent actually needs. Don’t grant System Administrator just to make it work.
3. Custom MCP connector in Copilot Studio
   • Add a custom connector in your agent that points to the Dataverse MCP endpoint (https://<env>.crm.dynamics.com/api/copilot/mcp).
   • Use the OAuth app from step 1 as the authentication.
   • In Power Platform Admin Center → Environments → target env → Copilot Studio → MCP clients, explicitly approve the connector so calls are allowed.

Why your first test will fail (and that’s OK)

The initial call typically returns an authorization error. That’s the trigger for the approval workflow: the request shows up in the target environment’s MCP clients list, an admin approves it, and subsequent calls work. Don’t waste hours debugging — check the approval queue first.

Why this matters

Most real enterprises run separate environments for different business units, geographies, or sensitivity tiers. Letting agents cross those boundaries safely — with named app users, scoped roles, and admin-approved clients — is what turns a one-off pilot into something governance can actually sign off on.

Deeper walkthrough: Connecting Copilot Studio to a Dataverse MCP Endpoint Across Environments.