Microsoft says Teams will soon automatically tag third-party bots in lobbies, allowing organizers to control whether they can join meetings.

As detailed in a new Microsoft 365 roadmap entry, the feature is currently in development and scheduled to roll out in May 2026. When it reaches general availability, it will be available across Windows, macOS, Android, and iOS platforms for worldwide standard multi-tenant and GCC cloud environments.

After the rollout, external third-party bots attempting to join a Teams meeting will be distinctly labeled in the lobby rather than blending in with human participants.

Organizers will then have to explicitly allow the bot to join the meeting, ensuring it cannot be accidentally accepted alongside a group of human attendees.

"During Teams meetings, if there is an external 3P bot trying to join the meeting, organizers will be able to see a clear representation of the bots while they wait in the lobby. Organizers will be required to explicitly and separately admit these bots into the meeting, if really required," Microsoft said.

"This approach will ensure that no one inadvertently accepts the external bots into the meeting ensuring that the organizers have full control over the presence of these bots."

The change ensures that malicious apps controlled by threat actors or third-party bots (used for note-taking, transcription, or other automated tasks) cannot join Teams meetings without attendees realizing that a non-human participant has been added.

In January, Microsoft announced that Teams will get a call reporting feature by mid-March, allowing users to flag suspicious or unwanted calls as potential scams or phishing attempts.

Teams has also added new fraud-protection features for calls, warning users about external callers impersonating trusted organizations in social-engineering attacks.

Starting in December, admins can block external Teams users via the Defender portal to thwart cybercrime gangs(including ransomware groups) that attempt to abuse the video conferencing and collaboration platform in social engineering attacks targeting victims' employees.