Merge pull request #284209 from JnHs/jh-copilot-manage89

prmerger-automator[bot] · web-flow · commit 19cbe6147804 · 2024-08-13T22:14:03.000Z
clarifications
diff --git a/articles/copilot/manage-access.md b/articles/copilot/manage-access.md
@@ -1,7 +1,7 @@
 ---
 title:  Manage access to Microsoft Copilot in Azure
 description: Learn how administrators can manage user access to Microsoft Copilot in Azure.
-ms.date: 05/28/2024
+ms.date: 08/13/2024
 ms.topic: how-to
 ms.service: copilot-for-azure
 ms.custom:
@@ -15,7 +15,12 @@ author: JnHs
 > [!NOTE]
 > We're currently in the process of rolling out Microsoft Copilot in Azure (preview) to all Azure tenants. We'll remove this note once the functionality is available to all users.
 
-By default, Copilot in Azure is available to all users in a tenant. However, [Global Administrators](/entra/identity/role-based-access-control/permissions-reference#global-administrator) can choose to control access to Copilot in Azure for their organization. If you turn off access for your tenant, you can still grant access to specific Microsoft Entra users or groups.
+By default, Copilot in Azure is available to all users in a tenant. However, [Global Administrators](/entra/identity/role-based-access-control/permissions-reference#global-administrator) can manage access to Copilot in Azure for their organization. Access can also be optionally granted to specific Microsoft Entra users or groups.
+
+If Copilot in Azure is not available for a user, they'll see an unauthorized message when they select the **Copilot** button in the Azure portal.
+
+> [!NOTE]
+> In some cases, your tenant may not have access to Copilot in Azure by default. Global Administrators can enable access by following the steps described in this article at any time.
 
 As always, Microsoft Copilot in Azure only has access to resources that the user has access to. It can only take actions that the user has permission to perform, and requires confirmation before making changes. Copilot in Azure complies with all existing access management rules and protections such as Azure role-based access control (Azure RBAC), Privileged Identity Management, Azure Policy, and resource locks.
 
@@ -44,6 +49,8 @@ Global Administrators for a tenant can change the **Access management** selectio
 > [!IMPORTANT]
 > In order to use Microsoft Copilot in Azure, your organization must allow websocket connections to `https://directline.botframework.com`. Please ask your network administrator to enable this connection.
 
+
+
 ## Next steps
 
 - [Learn more about Microsoft Copilot in Azure](overview.md).
