This week is all about making Intune notifications smarter by using a Copilot agent. Agents enable organizations to extend to capabilities of Microsoft 365 Copilot in new ways, by customizing the Copilot experience to fit their needs. Those agents can be connected to specific organization knowledge and data sources. Besides that, those agents can also be used for automating and executing business processes. That basically means that those AI-driven agents can be used to perform a wide variety of tasks, including automating repetitive tasks, providing insights and supporting users. And those users include IT administrators. For Intune notifications that means that an agent can help with gathering information, making it presentable, and directly providing IT administrators with actionable steps to address the trigger of the notification. This post will focus on creating a Copilot agent that will act on messages that are stored in a Dataverse table and notify the IT administrator about follow-up actions. That makes the Dataverse table the knowledge and data source for the agent. The differentiation for the different products is that the Logic apps are used for gathering information on IT services, while the Power Platform is used for the interaction with the user.
Important: A big thank you to my colleague Thijs Soepenberg for talking me through the basics and getting started.
Note: This post is purely meant to provide inspiration and to briefly show what can be relatively easy achieved.
Important starting point for smarter notifications
This post uses this post about monitoring Apple MDM push certificate with Azure Logic Apps and Adaptive Cards for Teams as a starting point. That post was focussed on an easy solution for monitoring the Apple MDM push certificate in Microsoft Intune. As soon as the certificate would come close to expiration, the IT administrator would receive a notification in Microsoft Teams that would link to the documentation for more information. That same framework would be the starting point for making the notifications smarter by using a Copilot agent. The same trigger and the same query, just the response will be different. Instead of using the Logic app for sending the notifications via Microsoft Teams, the Logic app will be used for sending information to a Dataverse table. To get ready for that, the following two things need to be in place.
- Create a Dataverse table: Create a new table in Dataverse. For this example, that table should at least include a column to store information about the name of the flow that added the information, a column that contains the status of the flow, a column that contain the response from the HTTP request, and a column that contains the URL to the Microsoft documentation. That information will be used by the Copilot agent.
- Add a row to Dataverse table: Add a new row to the Dataverse table. For this example, the Logic app should include an action to add a new row to the Dataverse table. That action should at least include a property for the name of the flow, a property for the status of the flow, a property for the response from the HTTP request, and a property that contains the URL to the Microsoft documentation.
Note: The same is basically applicable to any other endpoint in Microsoft Intune that an IT administrator is monitoring.
Configuring a Copilot agent that triggers on specific events
When looking at making the Intune notifications smarter, the easiest thing to do is to look at adding a little bit of AI in the mix. All with the intention of making it just a little bit easier for the IT administrator to handle the notifications and potential follow-up actions. That can be achieved by adding a Copilot agent in to the mix. That agent can be tasked with following up with the events that are being send to the Dataverse table. Based on specific events, from specific flows, the agent can perform actions. The main actions in this example are to retrieve information, to summarize that information, to enrich information and to create a summary of the actions that the IT administrator should perform. The following three steps walk through the process of creating such an agent and can be used as an inspiration to achieve a lot more.
Step 1: Configuring the Copilot agent
The Copilot agent is the piece of intelligence that automatically acts based on specific events, from specific flows. That can be as broadly configured as needed. This example, however, will be pretty focused on a specific action, but can easily be adjusted and enhanced. To get started, make sure to create a new empty Copilot agent. That agent will be configured with a trigger (when to perform an action), an instruction (description of what it should do), and the actual action (the task to perform).
General instructions
There are many different roads that can be taken to get to the end goal. In practice that often means a lot of tuning of the general instructions of the agent. Mainly because the instructions should clearly describe the different tasks that should be performed. And, especially those tasks, often don’t exist when starting with writing the instructions of the agent. In this case, all the information is already available and the outlines of the agent are known. Below is an overview of the instructions of this specific agent. Those instructions are written in natural language. That’s also why it’s really important to thoroughly test the agent, to make sure that the agent interprets the instructions as how they were intended.
### Give a summary of the actions that should be performed
- Provide an overview of the properties 'Apple ID', 'Subject ID', 'Last modified' ,'Experation', 'Serial number' that are available in the JSON in the 'ins_intuneadministrationtaskinformation' column from the trigger.
- Add an additional property 'Days until experation' by calculating the number of days from now until the experation.
- Provide a summary of the actions based on the URL in the 'ins_intunelearndocs' column from the trigger by requesting the webpage.
- Format the text by first providing the overview of the properties, in which the property names are formatted bold, followed by the summary of the actions. In both cases format the header bold.
- The generated text should not be using special characters and should be compatible with an adapative card. Replace double quotes with single quotes.
### Send a message to the IT team
- Fire the action 'flowMEventAdaptiveCard' to send the message
- Use the summary from the previous step of the 'ins_intunelearndocs' column and the 'ins_intuneadministrationtaskinformation' column as input variableThat information can be added to the General instructions of the agent, as shown below in Figure 1. Besides that, for future references, make sure to add a fitting name and a clear description of the agent.
Step 2: Configuring the Power Automate flow that contains the trigger
Another important configuration for the Copilot agent, is the configuration of the trigger. The trigger will make sure that the agent activates when specific events occur. That trigger can be added via the configuration of the agent, and is actually a pretty straightforward flow in Power Automate. In this case the agent should activate when a new row was added (or modified) in the Dataverse table. And to make it more specific, it should activate when specific values have occurred. That makes it important that at least the following parameters are configured in a similar fashion as shown below in Figure 2.
- Change type: Select Added or Modified to make sure that it responds to added or modified rows
- Table name: Specify the name of the table that should be monitored by the agent
- Scope: Specify the scope of the should be monitored by the agent
- Filter rows: Specify the filter (OData style) for specific conditions that should be monitored by the agent
Step 3: Configuring the Power Automate flow that contains the action
That leaves the actual action of the Copilot agent, as the minimal last required step to configure. The action can be used by the agent to actually perform some predefined automated steps. That trigger can be added via the configuration of the agent and is in this case actually also a pretty straightforward flow in Power Automate. The action should post an adaptive card in a Teams chat or channel. For that it’s possible use a similar adaptive card as before. The main difference, however, is that the biggest part of the text will now be generated by the agent. An example is shown below.
{
"$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
"type": "AdaptiveCard",
"version": "1.0",
"body": [
{
"type": "TextBlock",
"text": "Apple MDM push certificate is almost expired",
"weight": "bolder",
"size": "medium",
"wrap": true,
"id": "acTitle"
},
{
"type": "TextBlock",
"text": "Please take action by renewing the Apple MDM push certificate",
"weight": "bolder",
"wrap": true,
"id": "acSubHeader"
},
{
"type": "TextBlock",
"text": "The Apple MDM push certificate is almost expired and the information below provides an overview of the certificate and the expiration date. Have a look at the documentation to get a refresher of the actions to perform and take imediate action",
"wrap": true,
"id": "acDescriptionArea1"
},
{
"type": "TextBlock",
"text": "@{513A3009-9AE2-4428-939B-A0BBD64FC2BA}",
"wrap": true,
"id": "acDescriptionArea2"
}
],
"actions": [
{
"type": "Action.OpenUrl",
"title": "Take action",
"url": "https://intune.microsoft.com/"
},
{
"type": "Action.OpenUrl",
"title": "Documentation",
"url": "https://docs.microsoft.com/en-gb/mem/intune/enrollment/apple-mdm-push-certificate-get#renew-apple-mdm-push-certificate"
}
]
}That adaptive card relies on the summary that is created by the agent. That requires the flow to start a step that takes a parameter named Summary. That parameter enables the agent to pass on its summary to the flow. On top of that, it also enables the use of that summary again within the adaptive card. It all comes together in the step Post card in chat or channel, as shown below in Figure 3. That contains the adaptive card look-and-feel and includes the summary provided by the agent.
Experiencing the smarter notifications
After putting all the bits and pieces together, it’s pretty straightforward to experience the smarter notifications. In this case the agent does a couple of basic actions for the IT administrator. That includes providing an overview of the most important properties of the expiring certificate and enriching that information with a simple calculation of the number of days until the expiration. On top of that the agent provides the IT administrator immediately with a brief summary of the actions that should be performed to renew the certificate. All of that together will be sent to the IT administrator, or IT administrators, and provides them directly with all the required steps that are needed to renew the certificate before it expired, as shown below in Figure 4.
Together that all makes this a pretty straightforward example of what can be achieved when adding a little bit AI in to the mix. And that’s also what this is, a simple example. Hopefully, though, this is an example that triggers to be creative on what else can be achieved. Think about other events that the agents should react to, other information that the agent should use to enrich data, or other (direct) actions that the agent should perform.
Of course, the data can also be stored in different locations. In this case, however, it brings the data directly into the Power Platform, which directly enables easy integration with all the solutions within that platform. Think about easy reporting, and easy app creation. The latter, for example, can be a really good replacement for those steps in Logic app workflows that are waiting for a response and are just waiting and waiting. The former can help with providing great insights about what has been happening within the environment and what the success rate has been.
Note: With the arrival of Security Copilot agents something like this might even get easier to create on very short term.
More information
For more information about the different subjects that are used throughout this post, refer to the following docs.
- Adaptive Cards | A whole new way to deliver UI
- Power Automate vs Logic Apps | Microsoft Docs
- Get applePushNotificationCertificate – Microsoft Graph v1.0 | Microsoft Learn
- AI-based agent authoring overview – Microsoft Copilot Studio | Microsoft Learn
Discover more from All about Microsoft Intune
Subscribe to get the latest posts sent to your email.
Thanks for putting this together. I’ll be reviewing it closely and incorporating it. I noticed you mentioned Logic Apps, but the screenshots seem to show Power Automate — was that a typo? Personally, I prefer to avoid the Power Platform’s licensing requirements and the artificial limitations that can complicate solution maintenance, so I appreciated your focus on Logic Apps.
Hi Alex,
In this case it’s a combination between Logic apps and Power Platform. This post is an addition to an earlier post that was about the Logic app process and this post adds on to that.
Regards, Peter
PS: Keep in mind that there is now also a pay-as-you-go option: https://learn.microsoft.com/en-us/power-platform/admin/pay-as-you-go-overview