Architecture overview (preview)
[This article is prerelease documentation and is subject to change.]
This article provides an overview of the architecture in Microsoft 365 Copilot for Finance (preview).
Architectural component layers
The architecture consists of the following component layers.
- Admin layer
- Client layer
- Service layer
- Storage and security layer
- Microsoft 365 and Microsoft Office data layer
- ERP data layer
Each layer is described in the following sections.
Admin layer
Copilot for Finance is integrated as copilot extensions within Microsoft Office: Outlook and Excel. The administrative layer of Copilot for Finance provides users with the ability to install and manage these Office add-ins.
Client layer
Copilot for Finance consists of two distinct client experiences - Copilot for Finance for Microsoft Outlook and Copilot for Finance for Microsoft Excel. The Outlook experience is developed as a third-party Outlook add-in and the Excel experience is developed as a third-party Excel add-in.
Both consist of a manifest, which describes how the add-in and app integrate into Outlook and Excel, and JavaScript/HTML, which makes up the User Interface (UI) of the experience. The UI for both experiences is cloud-hosted and fully managed by Microsoft. None of the UI or business logic for Copilot for Finance is shipped as client-side code in Excel or Outlook. Therefore, customers don't need to manage the application lifecycle for the Copilot for Finance client or server-side components. For more information, see the Application Lifecycle Management section.
The Copilot for Finance client only stores minimal setup and settings data in the local browser-based application storage and no personal or other customer data outside of settings persists locally.
Service layer
The Copilot for Finance service layer consists of the Cloud Hosted Copilot for Finance Experiences, which are served to the Copilot for Finance client experiences, and Core Business Logic Layer, which processes and combines ERP data, MS Graph Data (for example, E-Mails, Meetings), Azure OpenAI generated data. All Copilot for Finance services are hosted on the Microsoft Azure cloud to provide a resilient foundation to help meet organizational compliance, reliability, availability, and disaster recovery needs.
The Copilot for Finance data layer consists of three distinct sets of data.
- MS Graph Data: The end user’s existing Microsoft 365/Office Data (E-Mails, Meetings, etc.) are stored in Microsoft Graph.
- ERP Data: The customer’s ERP data is only stored in the existing ERP system (SAP, Dynamics Finance and Operations, …), which serves as the system of record for all ERP entities.
- Non-ERP related data: Copilot for Finance stores some non-ERP related data in customer’s Power Platform Dataverse. For example, email summaries, emails, and notes.
- Copilot for Finance Data: The customer’s Copilot for Finance data is generated through Copilot for Finance feature flows and doesn't fall into the previous definition for Office Data or ERP Data, Dataverse data. For example, Copilot for Finance settings or Copilot for Finance generated insights data.
Storage and security layer
Copilot for Finance always respects the data privacy, data security, data retention, and compliance boundaries of the underlying data store for data at rest and uses Transport Layer Security (TLS) to protect data in transit and doesn't store data outside any of the data stores described previously.
Microsoft 365 and Office data layer
The end-user’s Microsoft 365 and Office data is always accessed in the end user’s authentication context and referenced in two distinct ways:
- Read in real-time to enable insights scenarios, for example Generative AI e-mail replies, AI generated e-mail summaries, etc. The Microsoft 365 / Office data is only read in these scenarios and discarded after it's processed.
- Read in real-time to enable value in the customer’s ERP system, for example when e-mail data is copied from the Microsoft Graph to the customer’s ERP as activities or meeting transcripts are copied to Dataverse to enable extensibility scenarios.
ERP data layer
All ERP data access (read and write access) in Copilot for Finance is managed via real-time integrations with the underlying ERP system. Copilot for Finance doesn't copy any ERP data to other systems except when unique identifiers are used for mapping ERP environment and entities to Copilot for Finance specific data. For example, Copilot for Finance customer identifiers are used to map customers to nonfinancial data stores in Dataverse. In these scenarios, Copilot for Finance only stores the unique identifiers from the ERP system being referenced. Copilot for Finance fully respects the existing retention policies and compliance boundaries of the existing ERP system and Dataverse.
Copilot for Finance is designed and intended to work with a single ERP connection at a time. Copilot for Finance doesn't connect to multiple ERP or Dataverse instances at the same time, nor synchronize data between them. The data accessed and stored via Copilot for Finance is always scoped to the ERP that the end user is currently connected to.
Application lifecycle management
This section describes the application lifecycle management for Copilot for Finance.
Release cycle
There are two sets of release cycles for Copilot for Finance.
- Bi-Monthly product releases, which include major product capabilities.
- Ongoing service updates, which include product hotfixes and minor product changes.
Component overview
There are two distinct components that are relevant to the Copilot for Finance application lifecycle management.
- Copilot for Finance client add-in / app manifests, which are deployed as third-party Outlook add-in and third-party Excel app and describe the behavior of the add-in / app.
- Copilot for Finance service layer, which hosts the UI experiences for all Copilot for Finance add-ins / apps and the core service layer, containing front-end APIs, core business logic, data integration layer, and AI services.
Updates
Copilot for Finance client add-in and apps
The Copilot for Finance manifests for the Microsoft Outlook add-In and the Microsoft Excel add-In require occasional updates when new capabilities are introduced. These updates are rolled out by Microsoft as part of the bi-monthly product releases and is automatically pushed to all users who have the add-in / app installed without the need for an admin or end-user to take any action. In rare circumstances, Microsoft introduces new permissions as part of a bi-monthly release, which requires explicit consent and update from the admin or end-user. In these circumstances, admins and users see that a new update is available via the Microsoft 365 Admin Center. Additionally, Microsoft informs admins via the What’s New section of the Copilot for Finance documentation, and via the Microsoft Viva Blog. Customers aren't able to take advantage of the latest Copilot for Finance capabilities if they haven't applied the latest updates to the add-in / app.