Computer-using agents (CUAs) now deliver more secure UI at scale. When CUAs where introduced last year, Microsoft introduced their capabilities which allowed AI to see, understand and act across web and desktop application, the same as a person would. One of the drawbacks from the community was that the place that the agents would not scale was authentication.
With the latest updates in response to the customer and community feedback, CUAs in Microsoft Copilot Studio now offer additional choice of model, stronger security and governance and an easier scale so that more work can be automated in your web and desktop applications.
CUAs now support multiple foundation models, including Claude Sonnet 4.5 in addition to OpenAI’s CUA. This provides the flexibility to choose the best fit for each agent, based on the interface and the task. You can use the Open AI CUA for multi-step web and desktop flows or Anthropic Claude Sonnet 4.5 for high performance reasoning on dynamic user interfaces.
As provided by customer and community feedback, authentication should not be the reason that automation is stalled. CUAs now offers built-in credentials so that agents can perform application logins securely and can be reused across multiple agents and automations. This will eliminate the manual login prompts during execution which will enable fully unattended execution.
If you would need to update your Dataverse environment on a regular basis, built-in credentials would allow the agent to authenticate to your Dataverse environment automatically.
The New Computer use tool (currently in preview allows creating custom instructions or the use of preset prompt templates.
Once the instructions are provided or the template is selected, the new tool will allow to configure the model and credentials.
The selection of the credentials will allow choosing two credential storage options. The first would be Internal storage which would be stored in the Power Platform in encrypted format, while the other option would be using Azure Key Vault for enterprise grade secret management. These credentials are encrypted and never exposed to the AI model, so that only authorized agents will be able to use them.