Microsoft Teams will soon give IT teams stronger control over uninvited meeting bots. From August 2026, administrators can automatically block detected external AI notetakers.
The change appears on the Microsoft 365 roadmap under ID 566201. It will reach Android, desktop, iOS, Mac, and web users. Microsoft plans availability for Worldwide Standard Multi-Tenant and GCC customers.
Today, many AI notetakers join meetings through calendar access. A user may approve one app once. After that, its bot can appear across many calls. It may record audio and create transcripts without clear host awareness.
Earlier controls gave meeting organisers more responsibility. Teams could detect a suspicious external bot and place it in the lobby. The organiser then had to decide whether to admit it.
Microsoft previously said:
“Organizers will be required to explicitly and separately admit these bots into the meeting, if really required.”
That step improved visibility. Yet it still relied on fast human judgment. Many meetings start under pressure. Organisers may miss warnings or approve unknown tools by mistake.
The new policy changes that workflow. Administrators can set a tenant-wide rule to block detected external bots automatically. The bot never reaches the lobby. The organiser never needs to make a live decision.
Microsoft will expose the control in the Teams Admin Center. It will sit under Meeting Join and Lobby settings. Admins can also use PowerShell through the ExternalBotAccessMode attribute.
There are three settings. AllowAllBots permits bot access without special handling. RequireApprovalWhenDetected keeps the current approval model. BlockDetectedBots denies detected external bots before entry.
This control targets third-party external bots only. It does not block Microsoft 365 Copilot. It also excludes bots registered as Entra ID applications inside the customer tenant.
That distinction matters for governance. Enterprises can block unknown tools while keeping approved internal AI services. They can also apply policies by group. Finance, legal, HR, and executive users may get stricter rules.
The move reflects rising concern around AI meeting assistants. Tools such as Otter, Fireflies, Read AI, and Fathom often join as guests. They can capture conversations and send transcripts to external cloud platforms.
That creates data protection questions. Under UK GDPR, organisations must explain how personal data gets processed. Silent recording by an unknown bot can create compliance risk.
However, automatic blocking will not solve every issue. Microsoft says some bots may still avoid detection. Detection depends on technical and behavioural signals during joining. A bot designed to look human may slip through.
False alerts can also happen. A real participant may appear suspicious. In approval mode, organisers can mark that person as not a bot. In full blocking mode, admins must consider user impact carefully.
There is also a market angle. Native meeting AI becomes more attractive when external bots face tighter controls. Irwin Lazar, principal analyst at Metrigy, described that shift clearly:
“Providing these kinds of capabilities at no additional charge demonstrates lower total cost of ownership compared to Microsoft, and eliminates the need for its customers to purchase third-party meeting recording and transcribing apps like Otter and Fireflies.”
For IT leaders, the message is clear. Meeting security now needs policy, not guesswork. Organisations should review approved AI tools, app permissions, recording rules, and user guidance before August.

