Microsoft is integrating its Purview compliance SDK directly into the Agent Framework SDK, enabling developers to embed data loss prevention policies, audit logging, and governance controls inside custom AI agent runtimes. Rollout begins late May 2026 and completes by late June, according to Microsoft 365 Roadmap ID 534609 published on May 8.

The integration works as middleware in the Agent Framework pipeline. When an agent processes a prompt or generates a response, the Purview SDK evaluates the content against configured organizational policies and returns a decision: allow, redact, or block. Interactions are logged for audit, eDiscovery, and communication compliance, according to Microsoft’s Security Community Blog.

What the Integration Covers

The SDK supports three enforcement levels: user-to-agent interactions, agent-to-agent communication, and multi-agent workflows. Developers implement it through the Agent Framework middleware layer. Existing Microsoft Purview policies and configurations remain unchanged unless explicitly invoked by the agent, meaning organizations don’t need to rebuild their compliance posture from scratch.

The integration is not enabled automatically. Developers must implement it within custom agents, and it requires a Microsoft Purview license that enables SDK usage.

The Agent 365 Context

This Purview SDK integration arrives eight days after Microsoft Agent 365 reached general availability on May 1 at $15 per user per month. Agent 365 assigns each AI agent its own Entra identity, applies Purview sensitivity labels as the basis for agent-level DLP, and extends Intune device management to local agents running on Windows endpoints, including OpenClaw, with GitHub Copilot CLI and Claude Code support planned.

The Purview SDK integration extends this governance model to custom-built agents outside the Microsoft 365 ecosystem. Where Agent 365 governs agents Microsoft can see (Copilot Studio, managed endpoints), the SDK pushes the same compliance controls into agents that developers build independently using the Agent Framework.

The Strategic Signal

Enterprise agent governance is splitting into two layers: platform-level controls (Agent 365 managing agent registries and identities) and runtime-level controls (Purview SDK enforcing policies inside the agent itself). Microsoft is building both.

For development teams already running custom agents against organizational data, the practical question is whether embedding compliance at the SDK level reduces the friction that has kept governance as a post-deployment concern. Microsoft’s bet is that governance-as-middleware, where policies travel with the agent rather than being applied after the fact, is easier to adopt than governance-as-infrastructure.

The GitHub samples show roughly six lines of Python to wire Purview into an agent pipeline. Whether that simplicity survives contact with real enterprise policy configurations is the open question.