> For the complete documentation index, see [llms.txt](https://docs.unitone.ai/iqstudio/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.unitone.ai/iqstudio/readme.md).

# IQStudio

**IQStudio by UNITONE** is an agent lifecycle management portal for Microsoft 365 and Azure. It discovers, governs, and manages AI agents across your tenant from a single console.

IQStudio deploys into your own Azure subscription. Your data stays in your tenant — UNITONE has zero access to your environment.

## What it does

* **Discovers** agents across Copilot Studio, Entra Agent ID, Agent Registry, Copilot Catalog, Teams, Microsoft Foundry, and Windows 365 Cloud PCs
* **Detects external AI tools** — third-party AI apps, extensions, and services across the tenant, correlated from Microsoft and provider signals
* **Assigns identities** via Entra Agent ID blueprints and sponsors
* **Enforces governance** with Conditional Access policies, risk scoring, and compliance templates
* **Automates governance** with the Autopilot rules engine -- monitors agents on a recurring cycle and generates recommendations or executes actions automatically
* **Detects prompt injection** on the in-portal AI chat via the Microsoft Agent Governance Toolkit
* **Provides AI assistance** through Autopilot AI Chat -- a conversational governance assistant powered by Azure OpenAI
* **Tracks analytics** including dashboard metrics, security scores, and governance trends
* **Routes model traffic** through the AI Gateway -- a per-tenant LLM proxy with per-agent virtual keys, budgets, rate limits, and a full spend and audit trail
* **Controls updates** with admin-triggered version upgrades via Azure Automation

## Getting started

1. [Check prerequisites](/iqstudio/deployment/prerequisites.md)
2. Deploy via [Azure Marketplace](/iqstudio/deployment/azure-marketplace.md) or [ARM template](/iqstudio/deployment/direct-deploy.md)
3. [Run the setup script](/iqstudio/deployment/setup-script.md) to connect to your Microsoft 365 tenant
4. Sign in to the portal. The first authenticated user is auto-promoted to Admin.

## Architecture

IQStudio follows the customer-deployed SaaS model. The full stack (API, web portal, database, monitoring) runs in your Azure subscription. UNITONE receives only a license heartbeat containing your tenant ID, version, agent count, and timestamp.

| Component              | Technology                                                   |
| ---------------------- | ------------------------------------------------------------ |
| API                    | ASP.NET Core 10 on Azure App Service (Linux B2)              |
| Web portal             | React 19 + Fluent UI v9                                      |
| Database               | Azure Cosmos DB Serverless                                   |
| Secrets                | Azure Key Vault                                              |
| Monitoring             | Application Insights + Log Analytics                         |
| Updates                | Azure Automation Account                                     |
| Auth (Azure resources) | System-assigned Managed Identity                             |
| Auth (Graph API)       | Per-customer app registration + Workload Identity Federation |


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.unitone.ai/iqstudio/readme.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
