For years, a quiet workhorse kept watch over Power Platform environments in tens of thousands of organizations. It wasn’t flashy, and it was never an official Microsoft product. But the CoE Starter Kit did something the platform itself couldn’t: it shined a light into the corners of a tenant that would otherwise go unexamined.
That era is ending. If your Power Platform governance strategy leans on the kit, the time to plan your next move is now.
The kit was a community-driven accelerator: a collection of model-driven apps, Dataverse tables, Power Automate flows, and Power BI reports, maintained by Microsoft employees but outside the normal product support structure. In February 2026, Microsoft released its final major monthly updates to the Power Platform Center of Excellence Starter Kit. Minor incremental updates will follow. But in May 2026, Microsoft officially confirmed that the toolkit is no longer actively maintained and will receive no new features.
What This Means for Organizations Running the Kit
For organizations that built their governance strategy around the CoE Starter Kit, this is a significant change. The good news? The kit does not stop working immediately. Apps, flows, and dashboards already deployed will continue to run until they break. What stops is support, bug fixes, and compatibility updates for new Power Platform features.
That last point carries real weight. As Power Platform evolves, a tool frozen in place quietly drifts out of step with the environment it monitors. Picture a security camera that keeps recording while the building around it gets remodeled. It still works, right up until it’s looking into nowhere..
The kit had its share of feature sprawl, the environment request app being one example. But it earned its keep by surfacing areas of the tenant that native capabilities left in the dark. Losing that visibility, without a deliberate plan to replace it, is how governance gaps form.
Microsoft’s Recommended Path Forward: PPAC
Microsoft’s recommended alternative is the Power Platform Admin Center (PPAC), which has expanded significantly to include native Power Platform Admin Center governance capabilities: inventory, usage analytics, environment controls, and administrative actions. PPAC is now a more capable operational center for Power Platform administration than it has ever been.
That said, while PPAC has matured considerably, capability gaps remain. And it isn’t yet clear whether these sit on Microsoft’s release roadmap.
Where the PPAC Refresh Delivers
PPAC now covers several governance areas effectively.
- Tenant-wide resource inventory: A centralized view of environments, apps, flows, and connectors across your tenant, one of the core functions the CoE Starter Kit provided.
- Environment management: Creating, configuring, and controlling environments, including managed environments, environment-level DLP policies, and capacity management, is well supported natively.
- Policy enforcement: Power Platform DLP policy creation and assignment are available directly in PPAC, with connector controls.
- Usage monitoring: The usage experience tracks app launches, flow runs, and active users, sufficient for broad adoption reporting.
- Admin actions: Admins can act on resources directly from PPAC: ownership changes, deleting apps and flows, and managing sharing.
These are impactful capabilities. They mark a real step up from where Power Platform administration stood not long ago.
Where PPAC Falls Short
Despite the improvements, several governance blind spots remain:
Ownership and compliance classification: Most inventory capabilities focus on what exists, not whether it’s owned, compliant, or approaching end-of-life. Linking inventory with ownership, usage, and compliance status still requires manual effort or supplementary tooling.
Granular governance actions: Controls are primarily scoped to environments and connectors. Governance over individual solutions, apps, flows, and customizations remains limited, and cross-environment DLP enforcement is not available.
Multi-tenant governance: PPAC operates within a single tenant, so large organizations running multiple tenants must administer each one independently, with no unified view or consistent controls across them.
Analytics depth: Usage data offers limited slicing options and short retention periods, reducing its value for trend analysis and capacity planning.
Build quality reporting: There is no reporting on the quality of citizen-developed components or structural risk, such as apps consuming unbudgeted premium connector or storage capacity, flows generating API call volume spikes, or connector configurations that expose sensitive data.
Compliance reporting: The absence of specific Power Platform compliance reports will require organizations to build supplementary reporting, manually or through third-party tooling, to meet audit and regulatory obligations.
The Broader Picture
It would be easy to read this as a checklist of product shortcomings. The more useful frame is a governance maturity conversation.
Gartner’s most recent forecast projects the low-code development technologies market reaching $58.2 billion by 2029, naming citizen development and agentic AI among the primary drivers of that growth. That pairing is worth sitting with: the same forces expanding low-code adoption are now expanding it into AI-built and AI-assisted territory. Democratization accelerates delivery, but it also outruns oversight — and it’s about to do so on two fronts at once. This is precisely the problem citizen developer governance is meant to solve. OWASP’s Citizen Development Top 10, which explicitly covers Microsoft Power Platform, catalogs the security and governance risks that emerge when business users build at scale without guardrails: data exposure, unmanaged access, and compliance gaps among them.
This is the heart of the matter. The same accessibility that makes Power Platform powerful, putting build capabilities in the hands of people who never had them before, is exactly what makes governance hard. Low barriers to creation are also low barriers to error.
PPAC, in its re-energized avatar, is a meaningful step forward. But it is not sufficient on its own. Most organizations will need to augment it, with homegrown tooling, third-party solutions, or both, based on their specific governance requirements.
Looking Ahead: AI and Agent Governance
Recall that agentic AI was one of the two drivers Gartner cited for low-code’s continued growth. That’s why Copilot Studio is the area worth watching most closely. Adoption of agents and AI-generated flows is accelerating, and governance tooling that does not extend to these components will face the same structural problem in the near future that the CoE Starter Kit faces today.
Microsoft has previewed a successor concept to the traditional CoE aimed at AI Governance in the agent era. How that evolves with Agent 365 will be worth monitoring closely. Organizations that wait for platform-native tooling to catch up may find themselves managing the same kind of sprawl that brought them to this conversation in the first place.
The Question Most Organizations Should Be Asking Now
The retirement of the CoE Starter Kit isn’t just the sunset of a tool. It’s a prompt to ask a harder question about what comes next.
Start with an honest assessment of what the kit was actually doing for you. For many organizations, it quietly handled ownership tracking, orphaned resource detection, compliance reporting, and tenant-wide visibility that no one had formally assigned anywhere else. Those functions don’t disappear when the kit does. They simply become unowned.
Then map them against what the renewed PPAC delivers natively. The areas PPAC covers well, inventory, environment management, policy enforcement, usage monitoring, and admin actions, may let you retire parts of your existing setup. The areas where it falls short, ownership and compliance classification, granular governance actions, multi-tenant governance, analytics depth, build quality reporting, and compliance reporting, are where you’ll need a plan: homegrown tooling, a third-party solution, or a defined manual process with a clear owner.
For many organizations, that gap is larger than expected, and the time to address it proactively is now, while the kit still runs and you have room to transition on your own terms rather than in response to a failure or an audit.
