Merge announced on June 2, 2026, in New York that its Agent Handler will come to the Microsoft Agent Store, giving Microsoft 365 agents a governed way to connect with third-party business systems through Model Context Protocol-based tooling. The announcement is not merely another integration badge on a marketplace page. It is a bet that the next phase of Copilot adoption will be decided less by chat quality than by whether agents can safely touch the systems where work actually happens.
For WindowsForum readers, that makes this a Microsoft 365 story as much as a Merge story. Microsoft has spent the past two years turning Copilot from a writing assistant into a workplace interface; Merge is arguing that interface is underpowered unless it can update Salesforce, open Jira tickets, check Workday data, or move records through finance systems without forcing every enterprise to build brittle one-off connectors. The pitch is simple: if Copilot is becoming the front end for work, someone has to industrialize the plumbing behind the buttons.
The Microsoft Agent Store matters because it is where Microsoft wants organizations to discover, deploy, and govern the agents that extend Microsoft 365 Copilot. That store is not just a catalog. It is a distribution and trust mechanism inside the same ecosystem where users already live in Teams, Outlook, Word, Excel, SharePoint, and the Microsoft 365 Copilot app.
That is why Merge’s move is strategically interesting. Agent Handler is not being positioned as a single-purpose Copilot add-on, but as a connective layer that could sit behind many agents and many workflows. In practical terms, Merge wants administrators to install the handler once and then expose governed access to hundreds of SaaS applications across HR, CRM, accounting, ticketing, file storage, and collaboration.
This is exactly where enterprise AI has been stuck. The demo version of an agent can summarize a document, draft a follow-up, or answer a question from a knowledge base. The production version has to authenticate to a system of record, respect permissions, write the correct field, record an audit trail, survive rate limits, and avoid turning a vague prompt into a destructive action.
Microsoft’s own platform direction has made that problem more urgent. Copilot agents are becoming easier to build, easier to publish, and easier to bring into daily workflows. But that democratization cuts both ways: if every department can spin up agents, central IT needs a better answer than reviewing a swamp of custom API connections one at a time.
Merge says Agent Handler will let agents connect through Model Context Protocol, or MCP, to third-party applications. MCP has become one of the more important standards in the agent boom because it gives AI systems a structured way to discover tools, request context, and invoke actions. In plainer language, it helps agents understand what they are allowed to do outside the chat box.
But MCP by itself is not a finished enterprise governance story. A protocol can describe a tool, but enterprises still need identity, consent, scopes, authorization, monitoring, logging, and policy enforcement. Merge is trying to occupy that middle layer: not the model, not the productivity app, and not the destination SaaS product, but the broker that lets those systems talk without turning every integration into a bespoke security review.
That framing explains why the company is emphasizing compliance credentials such as SOC 2 Type II, HIPAA, and ISO 27001, along with SSO, SCIM, role-based access controls, data loss prevention, and immutable audit logs. Some of that language can sound like enterprise wallpaper, but in agent deployments it is the product. If an agent can write to Workday or Salesforce, the audit log is not a nice-to-have; it is the difference between automation and untraceable chaos.
Merge’s announcement leans hard into that shift. Its examples are mundane by design: updating a Workday record, opening a Jira ticket, logging an opportunity in Salesforce. None of those tasks sound futuristic. That is the point. The money in enterprise AI is not in making office workers feel like they are talking to a sentient machine; it is in shaving friction from repeatable work that crosses departmental software boundaries.
This is also where Microsoft 365 has a natural advantage and a natural weakness. The advantage is distribution. Microsoft owns the work surface for a vast number of enterprises, and Copilot is increasingly embedded where employees already communicate and produce documents. The weakness is that Microsoft 365 is not the only system that matters. The average enterprise runs on a mesh of SaaS products, legacy databases, departmental tools, and vendor-specific workflows.
If Copilot remains strongest only inside Microsoft’s own estate, it risks becoming a very polished assistant with a short reach. If partners such as Merge can safely extend that reach, Copilot becomes more plausible as an operational interface for everyday business processes. That is the step Microsoft needs if it wants agents to graduate from novelty to infrastructure.
Agents are not ordinary software integrations. A conventional integration usually does a known thing at a known time in a known shape. An agent may decide which tool to call based on natural-language input, imperfect context, and model-generated reasoning. Even when the underlying APIs are deterministic, the path to invoking them can be probabilistic.
That makes guardrails more than a procurement checkbox. Security teams will want to know exactly which actions are available, which users can trigger them, which downstream scopes are granted, what data comes back into Microsoft 365, and how failed or ambiguous operations are handled. They will also want to know whether a tool invocation is merely suggested by an agent or executed automatically.
Merge says security teams will be able to define which actions an agent may take in each downstream system, while every read and write will be captured in immutable logs. That is the right answer at the architectural level. The hard work will be in implementation: mapping messy real-world permissions into usable policies, keeping connector behavior transparent, and preventing “just approve it” fatigue as business teams demand more agent capabilities.
This is familiar Microsoft strategy. Windows succeeded in part because Microsoft built the platform and let the ecosystem fill in enormous swaths of functionality. Microsoft 365 is now trying to do something similar for agents: define the environment, the identity layer, the app surfaces, the admin controls, and the marketplace, then let partners extend the useful range.
Merge benefits from that gravity. The company already sells integration infrastructure to AI and software companies, and the announcement names customers including OpenAI, Perplexity, Netflix, Dropbox, and Ramp. The Microsoft Agent Store gives Merge a new distribution path into enterprises that may not have thought of “agent connectivity” as a separate procurement category until Copilot made the problem visible.
The relationship also gives Microsoft a cleaner answer to a common customer objection. If a CIO asks how Microsoft 365 Copilot agents will work with the dozens or hundreds of apps outside the Microsoft estate, Microsoft can point to an ecosystem rather than a roadmap promise. That does not eliminate integration risk, but it changes the sales conversation.
A common protocol can reduce the cost of connecting agents to tools. It can also make it easier for tool providers to expose capabilities once and have multiple agent platforms consume them. That is valuable in a world where developers are already drowning in competing SDKs, plugin formats, app manifests, and orchestration patterns.
But standardization can create false confidence if buyers confuse connectivity with governance. An MCP server that exposes powerful tools still needs policy, authentication, observability, and lifecycle management. Enterprises will need to ask not just whether an app supports MCP, but who controls the server, how scopes are granted, where logs live, how secrets are handled, and what happens when tools change.
Merge’s bet is that enterprises will want a managed MCP layer rather than a sprawling collection of ad hoc MCP servers attached to individual agents. That is a credible bet. The more agents an organization deploys, the less attractive it becomes to manage connectivity as a set of isolated experiments.
That can be powerful, but it can also hide complexity rather than remove it. An agent that updates a CRM record still depends on the CRM’s data quality. An agent that opens a ticket in Jira still depends on the organization’s ticket taxonomy. An agent that touches HR systems still has to navigate policy, privacy, and local regulatory constraints.
The strongest case for Agent Handler is not that it magically simplifies all of this. It is that it gives enterprises a more realistic place to manage the complexity. Instead of embedding connector logic inside every agent, organizations can centralize permissions, monitoring, and tool exposure through a shared infrastructure layer.
That design also makes the failure modes easier to reason about. If an agent behaves badly, admins need to know whether the problem came from the prompt, the model, the tool definition, the connector, the identity mapping, or the downstream application. A centralized handler cannot make that investigation painless, but it can make it possible.
That is why this announcement lands at an important moment for Microsoft 365 Copilot. Microsoft has already convinced many organizations to pilot or purchase Copilot licenses. The harder challenge is proving sustained value beyond writing assistance and document summarization. The agent story is Microsoft’s answer, but agents intensify every governance question that already surrounds Copilot.
In a Windows and Microsoft 365 environment, the identity story is usually the first line of defense. Entra ID, Microsoft Graph, Teams app governance, Microsoft 365 admin controls, and Purview-style compliance expectations all shape how customers think about deployment. A third-party agent connectivity layer has to fit into that mental model, not ask IT to build a parallel universe.
Merge’s emphasis on SSO, SCIM, role-based access, DLP, and auditability is therefore not incidental. It is the company speaking the language of the buyers who can say no. Business users may want the agent that files expense-related tickets and updates customer notes; IT wants to know how to shut it off, narrow it down, and explain what happened after the fact.
In many enterprises, no single admin team fully owns every system an agent might touch. HR owns Workday policy. Sales operations owns Salesforce fields and workflows. Finance owns NetSuite or QuickBooks controls. IT owns identity and endpoint posture. Security owns monitoring and incident response. Legal and compliance own retention, data access, and sometimes the right to say “absolutely not.”
A central connector layer can help coordinate those stakeholders, but it does not make their interests identical. The real adoption curve will depend on how granular Agent Handler’s controls are, how intelligible they are to non-developer administrators, and how well they support phased rollout. The safest path will likely begin with read-only use cases, low-risk actions, tightly scoped groups, and heavy logging before moving into write operations against sensitive systems.
That is not a criticism so much as a reminder. Enterprise AI is not blocked only by technology. It is blocked by trust, ownership, and the mundane fact that businesses have spent years building controls around the very systems agents now want to operate.
Merge is entering that fight with a strong message: agents need a production-grade action layer. But it will not be alone. Microsoft itself has Copilot Studio, Power Platform connectors, Graph connectors, Azure integration services, and a sprawling partner ecosystem. Other AI platforms and integration vendors are also converging around MCP, agent tools, and managed connectors.
That competitive overlap could be healthy if it gives customers options. It could also become confusing if every vendor defines “agent connector,” “tool,” “action,” “gateway,” and “governance” slightly differently. Enterprise buyers should expect a period of vocabulary inflation before the market settles into clearer categories.
For Microsoft, the trick is to encourage the ecosystem without losing the coherence that made Microsoft 365 attractive in the first place. If the Agent Store becomes a dumping ground of uneven agents and overlapping connectors, admins will tighten the gates. If it becomes a curated control point with credible governance signals, it could become one of the more important enterprise software marketplaces of the AI era.
That is where production systems earn trust. Does the agent ask for clarification? Does it present a preview before writing? Does the connector return a useful error? Does the log show enough detail to reconstruct the event? Can an administrator disable one dangerous action without disabling the entire integration?
Merge’s announcement suggests that these questions are central to Agent Handler’s value proposition, but customers should press for specifics during rollout. The phrase “hundreds of business applications” is impressive, yet breadth is only half the story. For high-value workflows, depth matters more: field-level permissions, action-level controls, schema awareness, error handling, and transparent audit records.
The other practical test is latency and reliability. Employees will not adopt agent workflows if the old way is faster and more predictable. The agent has to be not only clever but operationally dependable, especially when it is sitting inside tools like Outlook and Teams where users expect immediate feedback.
Merge’s Microsoft Agent Store launch points toward a plausible future for Microsoft 365 Copilot: less chatbot, more operating layer for work. But that future will depend on whether vendors can make agentic action feel as governable as traditional enterprise software and as usable as the chat interfaces that made AI popular in the first place. If they can, the next big change in Microsoft 365 may not be what Copilot says — it will be what Copilot is finally allowed to do.
For WindowsForum readers, that makes this a Microsoft 365 story as much as a Merge story. Microsoft has spent the past two years turning Copilot from a writing assistant into a workplace interface; Merge is arguing that interface is underpowered unless it can update Salesforce, open Jira tickets, check Workday data, or move records through finance systems without forcing every enterprise to build brittle one-off connectors. The pitch is simple: if Copilot is becoming the front end for work, someone has to industrialize the plumbing behind the buttons.
The Agent Store Is Becoming Microsoft’s New Control Point
The Microsoft Agent Store matters because it is where Microsoft wants organizations to discover, deploy, and govern the agents that extend Microsoft 365 Copilot. That store is not just a catalog. It is a distribution and trust mechanism inside the same ecosystem where users already live in Teams, Outlook, Word, Excel, SharePoint, and the Microsoft 365 Copilot app.That is why Merge’s move is strategically interesting. Agent Handler is not being positioned as a single-purpose Copilot add-on, but as a connective layer that could sit behind many agents and many workflows. In practical terms, Merge wants administrators to install the handler once and then expose governed access to hundreds of SaaS applications across HR, CRM, accounting, ticketing, file storage, and collaboration.
This is exactly where enterprise AI has been stuck. The demo version of an agent can summarize a document, draft a follow-up, or answer a question from a knowledge base. The production version has to authenticate to a system of record, respect permissions, write the correct field, record an audit trail, survive rate limits, and avoid turning a vague prompt into a destructive action.
Microsoft’s own platform direction has made that problem more urgent. Copilot agents are becoming easier to build, easier to publish, and easier to bring into daily workflows. But that democratization cuts both ways: if every department can spin up agents, central IT needs a better answer than reviewing a swamp of custom API connections one at a time.
Merge Is Selling the Missing Middle Between Prompt and Production
The most important phrase in the announcement is not “Microsoft Agent Store.” It is “secure, governed access.” That is the difference between an agent that can impress an executive in a conference room and one that a risk-conscious enterprise will allow near payroll, revenue, candidate data, or customer support queues.Merge says Agent Handler will let agents connect through Model Context Protocol, or MCP, to third-party applications. MCP has become one of the more important standards in the agent boom because it gives AI systems a structured way to discover tools, request context, and invoke actions. In plainer language, it helps agents understand what they are allowed to do outside the chat box.
But MCP by itself is not a finished enterprise governance story. A protocol can describe a tool, but enterprises still need identity, consent, scopes, authorization, monitoring, logging, and policy enforcement. Merge is trying to occupy that middle layer: not the model, not the productivity app, and not the destination SaaS product, but the broker that lets those systems talk without turning every integration into a bespoke security review.
That framing explains why the company is emphasizing compliance credentials such as SOC 2 Type II, HIPAA, and ISO 27001, along with SSO, SCIM, role-based access controls, data loss prevention, and immutable audit logs. Some of that language can sound like enterprise wallpaper, but in agent deployments it is the product. If an agent can write to Workday or Salesforce, the audit log is not a nice-to-have; it is the difference between automation and untraceable chaos.
The Real Upgrade Is Action, Not Conversation
For years, productivity AI has been judged on the quality of its answers. That made sense in the first wave of Copilot-style tools, where the most visible use cases were summarization, drafting, search, and synthesis. But the enterprise value curve bends upward only when an AI system can close the loop by doing something useful in another system.Merge’s announcement leans hard into that shift. Its examples are mundane by design: updating a Workday record, opening a Jira ticket, logging an opportunity in Salesforce. None of those tasks sound futuristic. That is the point. The money in enterprise AI is not in making office workers feel like they are talking to a sentient machine; it is in shaving friction from repeatable work that crosses departmental software boundaries.
This is also where Microsoft 365 has a natural advantage and a natural weakness. The advantage is distribution. Microsoft owns the work surface for a vast number of enterprises, and Copilot is increasingly embedded where employees already communicate and produce documents. The weakness is that Microsoft 365 is not the only system that matters. The average enterprise runs on a mesh of SaaS products, legacy databases, departmental tools, and vendor-specific workflows.
If Copilot remains strongest only inside Microsoft’s own estate, it risks becoming a very polished assistant with a short reach. If partners such as Merge can safely extend that reach, Copilot becomes more plausible as an operational interface for everyday business processes. That is the step Microsoft needs if it wants agents to graduate from novelty to infrastructure.
Admins Will Care Less About the Magic Than the Blast Radius
The optimistic reading of Agent Handler is that it gives Microsoft 365 customers a single front door to hundreds of applications. The cautious reading is that it creates a new concentration point for permissions across the enterprise. Both readings can be true.Agents are not ordinary software integrations. A conventional integration usually does a known thing at a known time in a known shape. An agent may decide which tool to call based on natural-language input, imperfect context, and model-generated reasoning. Even when the underlying APIs are deterministic, the path to invoking them can be probabilistic.
That makes guardrails more than a procurement checkbox. Security teams will want to know exactly which actions are available, which users can trigger them, which downstream scopes are granted, what data comes back into Microsoft 365, and how failed or ambiguous operations are handled. They will also want to know whether a tool invocation is merely suggested by an agent or executed automatically.
Merge says security teams will be able to define which actions an agent may take in each downstream system, while every read and write will be captured in immutable logs. That is the right answer at the architectural level. The hard work will be in implementation: mapping messy real-world permissions into usable policies, keeping connector behavior transparent, and preventing “just approve it” fatigue as business teams demand more agent capabilities.
Microsoft Gets a Partner That Makes Copilot More Useful Without Owning Every App
There is a platform logic to this announcement that should not be overlooked. Microsoft does not need to build every connector itself if the Agent Store becomes the place where enterprise-grade connector platforms compete for deployment. That lets Microsoft keep Copilot at the center while partners take on some of the integration burden.This is familiar Microsoft strategy. Windows succeeded in part because Microsoft built the platform and let the ecosystem fill in enormous swaths of functionality. Microsoft 365 is now trying to do something similar for agents: define the environment, the identity layer, the app surfaces, the admin controls, and the marketplace, then let partners extend the useful range.
Merge benefits from that gravity. The company already sells integration infrastructure to AI and software companies, and the announcement names customers including OpenAI, Perplexity, Netflix, Dropbox, and Ramp. The Microsoft Agent Store gives Merge a new distribution path into enterprises that may not have thought of “agent connectivity” as a separate procurement category until Copilot made the problem visible.
The relationship also gives Microsoft a cleaner answer to a common customer objection. If a CIO asks how Microsoft 365 Copilot agents will work with the dozens or hundreds of apps outside the Microsoft estate, Microsoft can point to an ecosystem rather than a roadmap promise. That does not eliminate integration risk, but it changes the sales conversation.
MCP Is Becoming the USB-C Port for Agents, With All the Same Caveats
The Model Context Protocol comparison that keeps surfacing in the industry is “USB-C for AI applications.” The metaphor is useful but incomplete. USB-C standardized a connector; it did not make every cable, charger, display, and power profile equally safe or equally capable. MCP has the same tension.A common protocol can reduce the cost of connecting agents to tools. It can also make it easier for tool providers to expose capabilities once and have multiple agent platforms consume them. That is valuable in a world where developers are already drowning in competing SDKs, plugin formats, app manifests, and orchestration patterns.
But standardization can create false confidence if buyers confuse connectivity with governance. An MCP server that exposes powerful tools still needs policy, authentication, observability, and lifecycle management. Enterprises will need to ask not just whether an app supports MCP, but who controls the server, how scopes are granted, where logs live, how secrets are handled, and what happens when tools change.
Merge’s bet is that enterprises will want a managed MCP layer rather than a sprawling collection of ad hoc MCP servers attached to individual agents. That is a credible bet. The more agents an organization deploys, the less attractive it becomes to manage connectivity as a set of isolated experiments.
The SaaS Sprawl Problem Comes Back Wearing an AI Badge
There is a deeper irony here. The enterprise software industry spent the past decade creating the SaaS sprawl that AI agents now promise to tame. Every department adopted specialized tools, each with its own workflow, permission model, data schema, and integration surface. Now the proposed solution is to add agents that can move across those tools on behalf of users.That can be powerful, but it can also hide complexity rather than remove it. An agent that updates a CRM record still depends on the CRM’s data quality. An agent that opens a ticket in Jira still depends on the organization’s ticket taxonomy. An agent that touches HR systems still has to navigate policy, privacy, and local regulatory constraints.
The strongest case for Agent Handler is not that it magically simplifies all of this. It is that it gives enterprises a more realistic place to manage the complexity. Instead of embedding connector logic inside every agent, organizations can centralize permissions, monitoring, and tool exposure through a shared infrastructure layer.
That design also makes the failure modes easier to reason about. If an agent behaves badly, admins need to know whether the problem came from the prompt, the model, the tool definition, the connector, the identity mapping, or the downstream application. A centralized handler cannot make that investigation painless, but it can make it possible.
Copilot’s Enterprise Future Depends on Boring Administrative Details
Consumer AI products win attention through frontier model performance and dramatic demos. Enterprise AI wins renewals through boring things: admin consoles, logs, permission inheritance, records retention, tenant boundaries, procurement approval, and support tickets that get answered before a CFO loses patience.That is why this announcement lands at an important moment for Microsoft 365 Copilot. Microsoft has already convinced many organizations to pilot or purchase Copilot licenses. The harder challenge is proving sustained value beyond writing assistance and document summarization. The agent story is Microsoft’s answer, but agents intensify every governance question that already surrounds Copilot.
In a Windows and Microsoft 365 environment, the identity story is usually the first line of defense. Entra ID, Microsoft Graph, Teams app governance, Microsoft 365 admin controls, and Purview-style compliance expectations all shape how customers think about deployment. A third-party agent connectivity layer has to fit into that mental model, not ask IT to build a parallel universe.
Merge’s emphasis on SSO, SCIM, role-based access, DLP, and auditability is therefore not incidental. It is the company speaking the language of the buyers who can say no. Business users may want the agent that files expense-related tickets and updates customer notes; IT wants to know how to shut it off, narrow it down, and explain what happened after the fact.
The “Install Once” Promise Will Meet Real-World Tenant Politics
The press release says administrators will be able to install Agent Handler once and enable connectivity for employees. That is the sort of claim that sounds wonderfully simple until it runs into the internal politics of a large tenant.In many enterprises, no single admin team fully owns every system an agent might touch. HR owns Workday policy. Sales operations owns Salesforce fields and workflows. Finance owns NetSuite or QuickBooks controls. IT owns identity and endpoint posture. Security owns monitoring and incident response. Legal and compliance own retention, data access, and sometimes the right to say “absolutely not.”
A central connector layer can help coordinate those stakeholders, but it does not make their interests identical. The real adoption curve will depend on how granular Agent Handler’s controls are, how intelligible they are to non-developer administrators, and how well they support phased rollout. The safest path will likely begin with read-only use cases, low-risk actions, tightly scoped groups, and heavy logging before moving into write operations against sensitive systems.
That is not a criticism so much as a reminder. Enterprise AI is not blocked only by technology. It is blocked by trust, ownership, and the mundane fact that businesses have spent years building controls around the very systems agents now want to operate.
The Agent Store Could Turn Connectors Into a New Enterprise Battleground
If Microsoft’s Agent Store becomes a meaningful distribution channel, connector platforms will become more strategically important. The winners will not simply be the companies with the longest list of logos. They will be the ones that can prove reliability, security, administrative control, and clear economics at scale.Merge is entering that fight with a strong message: agents need a production-grade action layer. But it will not be alone. Microsoft itself has Copilot Studio, Power Platform connectors, Graph connectors, Azure integration services, and a sprawling partner ecosystem. Other AI platforms and integration vendors are also converging around MCP, agent tools, and managed connectors.
That competitive overlap could be healthy if it gives customers options. It could also become confusing if every vendor defines “agent connector,” “tool,” “action,” “gateway,” and “governance” slightly differently. Enterprise buyers should expect a period of vocabulary inflation before the market settles into clearer categories.
For Microsoft, the trick is to encourage the ecosystem without losing the coherence that made Microsoft 365 attractive in the first place. If the Agent Store becomes a dumping ground of uneven agents and overlapping connectors, admins will tighten the gates. If it becomes a curated control point with credible governance signals, it could become one of the more important enterprise software marketplaces of the AI era.
The Practical Test Will Be the First Failed Action
Every agent platform looks best in the happy path. The user asks for a customer update, the agent finds the right CRM record, writes the right note, and returns a neat confirmation in Teams. The real test comes when the user is ambiguous, the CRM has duplicates, the downstream API is unavailable, the user lacks permission, or the requested action violates company policy.That is where production systems earn trust. Does the agent ask for clarification? Does it present a preview before writing? Does the connector return a useful error? Does the log show enough detail to reconstruct the event? Can an administrator disable one dangerous action without disabling the entire integration?
Merge’s announcement suggests that these questions are central to Agent Handler’s value proposition, but customers should press for specifics during rollout. The phrase “hundreds of business applications” is impressive, yet breadth is only half the story. For high-value workflows, depth matters more: field-level permissions, action-level controls, schema awareness, error handling, and transparent audit records.
The other practical test is latency and reliability. Employees will not adopt agent workflows if the old way is faster and more predictable. The agent has to be not only clever but operationally dependable, especially when it is sitting inside tools like Outlook and Teams where users expect immediate feedback.
Where WindowsForum Readers Should Focus When This Lands
The arrival of Merge Agent Handler on the Microsoft Agent Store should be read as a signal that Microsoft 365 agents are moving from conversation toward transaction. That shift brings opportunity, but also a new layer of administrative responsibility that should not be delegated entirely to vendor enthusiasm.- Organizations should treat agent tool access as a privileged integration surface, not as a harmless extension of chat.
- Administrators should begin with narrow scopes, limited user groups, and read-only workflows before allowing agents to write into systems of record.
- Security teams should demand action-level audit logs that show what the agent did, which user context it used, and which downstream system was touched.
- Business teams should identify workflows where cross-application friction is genuinely costly, rather than connecting agents to apps simply because the connector exists.
- Microsoft 365 customers should watch how Agent Store governance evolves, because the store may become the practical control plane for approving and managing workplace agents.
- Buyers should compare connector platforms on policy depth, failure handling, and operational transparency, not just the number of supported applications.
Merge’s Microsoft Agent Store launch points toward a plausible future for Microsoft 365 Copilot: less chatbot, more operating layer for work. But that future will depend on whether vendors can make agentic action feel as governable as traditional enterprise software and as usable as the chat interfaces that made AI popular in the first place. If they can, the next big change in Microsoft 365 may not be what Copilot says — it will be what Copilot is finally allowed to do.
References
- Primary source: USA Today
Published: 2026-06-02T22:12:07.319213
Merge Launches Agent Handler on the Microsoft Agent Store, Expanding Agent Connectivity Across the Microsoft 365 Ecosystem
With Merge Agent Handler available on the Microsoft Agent Store, every Microsoft 365 customer can give agents secure,www.usatoday.com - Official source: learn.microsoft.com
Agent Store in Microsoft 365 Copilot
Learn about Agent Store in Microsoft 365 Copilot.learn.microsoft.com - Related coverage: docs.merge.dev
Merge API Documentation
Agent Handler is the production layer between your AI agent and the systems it acts on: hundreds of Connectors, OAuth and credential management per end user, a Security Gateway that scans every tool input and output, and observability over every call.
docs.merge.dev
- Related coverage: merge.dev
Merge Agent Handler
Securely connect your agents to thousands of third-party tools, while managing and monitoring all tool interactions
www.merge.dev
- Official source: developer.microsoft.com
Microsoft 365 Copilot | Extend and Customize Copilot
Extend, enrich, and customize Microsoft Microsoft 365 Copilot. Explore Copilot extensibility options such as agents, API plugins, and Copilot connectors to expand AI-powered productivity, skills, and creativity.developer.microsoft.com - Related coverage: docs.ah.merge.dev
- Related coverage: windowscentral.com
Copilot Cowork suddenly makes Microsoft 365’s AI‑centric E7 subscription far more compelling
Copilot Cowork makes Microsoft 365’s AI‑focused E7 subscription a stronger value proposition for $99 per month.
www.windowscentral.com
- Related coverage: techradar.com
Microsoft has unleashed Copilot AI agents on OneDrive
You can now interact with 20 OneDrive files in one go, instead of file-by-file, with OneDrive's new AI Agents.www.techradar.com
- Official source: adoption.microsoft.com
- Official source: techcommunity.microsoft.com
- Official source: microsoft.com