Skip to content
Tallyfy

Using Tallyfy MCP server with Microsoft Copilot Studio

Run your workflows from Microsoft Copilot Studio

Connect Tallyfy to Microsoft Copilot Studio and your team can run Tallyfy workflows by chatting with an AI agent. Ask an agent to start a process, assign tasks, or pull a status report, and it does the work in Tallyfy for you. If your company already runs on Microsoft tools, this fits right in.

Setup goes through a Power Platform custom connector, so it’s more involved than a plug-and-play chat tool. Someone comfortable with Power Apps or Power Automate handles it once, then everyone uses it. The full steps are under For developers.

What you can do

Once it’s connected, you talk to a Copilot Studio agent and it handles Tallyfy for you. For example, you can:

  • Split a process across several agents. Onboard a new hire and let one agent handle the HR tasks, another the IT setup, and another the training schedule, all tracked in one Tallyfy process.
  • Tie Tallyfy into the rest of your Microsoft tools. Start a Tallyfy process when a new deal shows up in Dynamics 365, open a Teams channel for it, and report progress in Power BI.
  • Run compliance and audit work. Review this quarter’s audit processes and generate a report in SharePoint, with anything that breaks the rules flagged for the compliance team.
  • Find and fix bottlenecks. Have an agent look across your processes, point out where work slows down, and suggest changes.

What you need

  • A Microsoft Copilot Studio license (trial or paid).
  • Your Tallyfy API key, from your organization settings.
  • Access to Power Apps or Power Automate, to build the connector.
  • Generative Orchestration turned on in your Copilot Studio agent.
  • An environment in a region where this is available.

Good to know

  • It takes real setup. You connect through a Power Platform custom connector, so plan for someone who knows Power Apps or Power Automate to wire it up and test it.
  • It costs more. MCP needs Generative Orchestration, which is an add-on, and your monthly message limit depends on your plan (roughly 25,000 to 200,000 messages). Some features need their own Power Platform licenses too.
  • It’s region-limited. MCP and some preview features aren’t available everywhere yet, and data-residency rules may restrict where you can use it.
  • Heavy security adds a little delay. Extra protections like keeping traffic on a private network add a few milliseconds, and large result lists come back split into pages.

Is it secure?

Yes. It runs on Microsoft’s own security. You sign in with your normal Microsoft account through OAuth1, and your IT team can add the same protections they use for other Microsoft apps: keeping traffic on a private network, blocking sensitive data from leaving, requiring a second sign-in step, and keeping full audit logs. Admins can see every connected agent in the Microsoft 365 admin center. The exact settings are under For developers.

For developers

(Skip this unless you’re setting up the technical side.)

Server endpoint and support status

The MCP server is hosted at https://mcp.tallyfy.com/ and exposes 107 tools across 12 categories. It’s listed on the Official MCP Registry as com.tallyfy/mcp-server. Copilot Studio connects via streamable HTTP with OAuth 2.1.

Tallyfy is already a Microsoft Verified Publisher with a Power Automate connector that’s been live for years, so the MCP path is the natural next step for AI-driven workflow ops on the Microsoft stack. Direct MCP support inside Copilot Studio (skipping the custom-connector wrapper) is under active investigation with Microsoft.

MCP server support is generally available in Copilot Studio as of early 2026:

  • Transport: Streamable HTTP only (SSE is deprecated)
  • MCP resources: Files and images supported in responses
  • Enterprise features: VNet integration, DLP, multiple auth methods
  • Admin visibility: MCP-enabled agents visible in M365 admin center
  • Platform integration: Native Power Platform connector infrastructure
  • Prebuilt connectors: GitHub, Asana, Jira, Dataverse, Dynamics 365, Microsoft Fabric
  • Governance: MCP governed by Agentic AI Foundation under Linux Foundation (December 2025); Microsoft is a founding member

The server uses OAuth 2.1 with PKCE for authentication. Discovery starts at /.well-known/oauth-authorization-server (per RFC 8414), and scopes use dot notation like mcp.tasks.read, mcp.processes.write, and so on.

Prerequisites

  • Microsoft Copilot Studio license (trial or paid)
  • Tallyfy API key from your organization settings
  • Power Apps or Power Automate access (for custom connectors)
  • Generative Orchestration enabled in your Copilot Studio agent
  • Environment in a supported region (check Microsoft docs for availability)

Set up the connector

  1. Connect to Tallyfy’s MCP server

    Tallyfy provides a hosted MCP server at https://mcp.tallyfy.com that exposes 107 tools across 12 categories for managing tasks, processes, templates, users, form fields, kickoff fields, automation, and more. You don’t need to build your own MCP server - instead, you’ll create a connector that points to Tallyfy’s existing server.

    The server uses OAuth 2.1 with PKCE for authentication. Discovery starts at /.well-known/oauth-authorization-server (per RFC 8414), and scopes use dot notation like mcp.tasks.read, mcp.processes.write, etc.

  2. Create an OpenAPI specification

    Create a YAML file describing the MCP server for the Power Platform connector:

    swagger: '2.0'
    info:
      title: Tallyfy MCP Server
      description: MCP server for Tallyfy workflow management
      version: 1.0.0
    host: mcp.tallyfy.com
    basePath: /
    schemes:
      - https
    paths:
      /mcp:
        post:
          summary: Tallyfy Workflow Management Server
          x-ms-agentic-protocol: mcp-streamable-1.0
          operationId: InvokeMCP
          parameters:
            - name: Authorization
              in: header
              required: true
              type: string
              description: Bearer token for authentication
          responses:
            '200':
              description: Success
    securityDefinitions:
      apiKey:
        type: apiKey
        in: header
        name: Authorization

  3. Create a custom connector in Power Apps

    1. Navigate to your Copilot Studio agent
    2. Go to ToolsAdd a toolNew toolCustom connector
    3. In Power Apps, select New custom connectorImport OpenAPI file
    4. Import your YAML specification and configure authentication

  4. Configure authentication

    In the connector configuration:

    • Set authentication type to API Key
    • Configure the header name as Authorization
    • Set the prefix to Bearer
    • Test the connection with your Tallyfy API key

  5. Add the MCP connector to your agent

    Back in Copilot Studio:

    1. Select ToolsAdd a toolModel Context Protocol
    2. Choose your Tallyfy MCP connector from the list
    3. Authorize the connection with your credentials
    4. Select Add to agent or Add and configure

  6. Configure DLP policies (optional)

    For enterprise deployments:

    1. Navigate to Power Platform Admin Center
    2. Create DLP policies to control data flow
    3. Apply policies to your Copilot Studio environment
    4. Configure connector classifications (Business/Non-Business/Blocked)

  7. Test the integration

    In your Copilot Studio agent, try queries like:

    "Find all open tasks assigned to the sales team"
    "Show me overdue processes for customer onboarding"
    "Create a task for reviewing the Q4 budget"

How the pieces connect

This diagram shows how Tallyfy’s MCP server connects with Copilot Studio through Power Platform infrastructure.

Diagram

What to notice:

  • Setup involves multiple Microsoft services (Azure, Power Apps, Copilot Studio) configured in sequence
  • Authentication happens at the Power Apps connector level using your Tallyfy API key
  • DLP policies add a security layer for enterprise deployments

Multi-agent orchestration

Copilot Studio can coordinate multiple specialized agents for workflows like employee onboarding.

Diagram

What to notice:

  • The Primary Agent acts as an orchestrator, delegating to specialized agents
  • Each agent creates and manages its tasks through Tallyfy’s API
  • All progress is monitored through Tallyfy’s tracker view

A few worked examples of agents in action:

  • Multi-agent onboarding. Prompt: “Start the employee onboarding process for Jane Smith, assign tasks to HR and IT, and schedule training sessions.” The primary agent receives the request, delegates documentation tasks to the HR agent (via Tallyfy), system-access setup to the IT agent, and session scheduling to the Training agent, monitors progress across all of them, and reports a consolidated status back to you.
  • Power Platform integration. Prompt: “When a new sales opportunity is created in Dynamics 365, start our proposal process in Tallyfy and create a Teams channel for collaboration.” A Power Automate flow triggers on the Dynamics 365 opportunity, the MCP server creates a Tallyfy process instance, the Teams connector creates a dedicated channel, and the agent monitors and reports progress.
  • Enterprise compliance. Prompt: “Review all completed audit processes this quarter and generate a compliance report with any violations highlighted.” The agent queries Tallyfy for audit process data, analyzes completion times against SLAs, checks for required approvals, generates a formatted report in SharePoint, and routes it to the compliance team if violations are found.

More example prompts that work well here:

  • “When a purchase order exceeds $50,000 in Dynamics 365, initiate our approval workflow in Tallyfy, notify team leads in Teams, and track in Power BI.”
  • “Monitor all SOX compliance processes, ensure proper segregation of duties, and generate audit reports with full trail documentation.”
  • “Coordinate our product launch process across marketing, sales, and operations teams, with each department’s agent handling their specific tasks.”
  • “Analyze our customer service processes to identify bottlenecks, suggest optimizations, and automatically implement approved changes.”
  • “Manage our FDA submission process with full audit trails, approval chains, and automatic compliance checking at each step.”

Multi-agent setups delegate tasks between specialized agents, keep context across agent handoffs, give you central monitoring of the whole workflow, and include built-in error handling and fallback.

Power Platform features

  • Power Automate flows - trigger workflows from MCP actions
  • Power Apps integration - build custom UIs for Tallyfy data
  • Dataverse storage - store workflow metadata in Microsoft’s database
  • Power BI reporting - create dashboards from Tallyfy analytics

Copilot Studio also gives you a tools and prompts framework: a prompt library to create and share custom prompts across agents, a tool catalog to browse and install prebuilt MCP connectors, version control to track changes to tools and prompts, and a testing framework to validate tools before deployment.

Enterprise architecture

Recommended architecture for large organizations needing high availability and security.

Diagram

What to notice:

  • Multiple MCP server instances provide high availability behind a load balancer
  • Security is layered with WAF, DLP policies, and VNet isolation
  • Managed identities remove the need to store credentials in code

Common deployment shapes, from simplest to most involved:

Basic (small organizations)

[Copilot Studio] → [Custom Connector] → [Tallyfy MCP Server] → [Tallyfy API]

Enterprise (large organizations)

[Copilot Studio]
    ↓ (VNet Integration)
[API Management]
    ↓ (Private Endpoint)
[App Service Environment]
    ├── [MCP Proxy Instance 1]
    ├── [MCP Proxy Instance 2]
    └── [Load Balancer]
         ↓ (Managed Identity)
    [Tallyfy MCP Server]

Hybrid (multi-cloud)

[Copilot Studio] → [ExpressRoute] → [On-premises Proxy] → [Tallyfy MCP Server]
                 ↘                                        ↗
                   [Azure Proxy] → [Tallyfy MCP Server]

Security

  • Network security - deploy within VNet for isolation, use Private Endpoints, implement WAF rules, enable DDoS protection.
  • Authentication - use Azure AD, implement service principal auth for server-to-server, apply conditional access policies, enable MFA.
  • Data protection - classify data sensitivity levels, apply DLP policies, enable encryption at rest and in transit.
  • Monitoring - enable Azure Monitor, configure anomaly alerts, maintain audit logs for compliance.

You also get Microsoft’s enterprise features directly: VNet integration to isolate MCP traffic within your network, Data Loss Prevention (DLP) policies to prevent data exfiltration, Azure AD authentication that reuses your existing identity management, and inherited Microsoft compliance certifications.

Limitations

  • Licensing complexity - MCP requires Generative Orchestration (additional cost), message limits vary by plan (25K to 200K messages/month), some features need Power Platform licenses too, and multi-agent orchestration may still be in preview for some customers.
  • Regional availability - MCP is available in limited regions initially, data residency requirements may restrict usage, and preview features are often US-only at launch.
  • Connector development overhead - you must create OpenAPI specifications, Power Apps/Automate knowledge is needed, testing takes longer than direct MCP connections, and versioning or updates require republishing.
  • Performance considerations - DLP policy evaluation adds processing time, VNet routing increases response times (10-50ms typically), large result sets require pagination, and rate limits are shared across Power Platform.

Best practices

  1. Start with prebuilt connectors - use Microsoft’s MCP connectors as templates
  2. Implement retry logic - handle transient failures gracefully
  3. Use managed identities - never store credentials in code
  4. Monitor usage - track message consumption against limits
  5. Plan for scale - design for multi-agent scenarios from the start
  6. Test extensively - use Copilot Studio’s testing framework

Known issues and workarounds

  1. SSE not supported - use Streamable HTTP for all implementations
  2. Tool naming conflicts - prefix Tallyfy tools to avoid collisions with other MCP servers
  3. Large payloads - implement pagination for result sets over 100 items
  4. Session timeout - implement keep-alive mechanisms for long-running operations
  5. Regional latency - deploy connectors in same region as Copilot Studio
  6. Resource rendering - files and images in responses may need extra handling in custom UIs
  7. Admin center visibility - MCP-enabled agents must be registered to appear in M365 admin center

What’s coming

Microsoft keeps expanding this: wider GA coverage and more regions, Agent 365 as a unified control plane for AI agents, better debugging tools, more prebuilt enterprise connectors (GitHub, Asana, and Jira are already available), zero-trust architecture with full M365 admin governance, and performance improvements. Microsoft is a founding member of the Agentic AI Foundation, which signals continued commitment to MCP as an industry standard.

Footnotes

  1. OAuth is the standard that lets you sign in to one app using another account, without sharing your password.

Get in touch
About Tallyfy