JM Family Design System
AI Toolkit

AI Guardrails

Use this page before selecting or integrating an AI model. It translates the AI COE approved model guidance into practical checks for product teams and coding agents.

Source guidance

Approved AI Model List

Version 1.2, last updated April 28, 2026. Owner: Responsible AI Governance.

Internal guidance

How to use this page

This page belongs in the design system because it turns governance into repeatable product decisions. It should help teams ask the right questions before an AI feature reaches users.

This page is

A product guidance layer

It translates AI COE governance into practical checks for product teams, designers, engineers, and coding agents.

This page is not

The official approval record

The AI COE approved model list remains the source of truth for model approval, retirement dates, and governance ownership.

Before you use AI

Treat model choice as a product and governance decision. The model is only one part of the decision; environment, data handling, and documentation matter just as much.

1. Start with the approved environment

Internal and production application usage starts with Azure OpenAI. Other providers need AI COE review before work proceeds.

2. Match the model to the job

Choose the smallest approved model that can meet the task quality, risk, and latency requirements.

3. Protect the data before it leaves the product

Redact, tokenize, or otherwise protect PII, financial, customer, proprietary, or regulated data before model submission.

4. Document the decision

Record model name, version, deployment type, prompt approach, intended use case, and risk assessment where applicable.

Approved model snapshot

This table is a design-system summary of the AI COE source document, not a replacement for it. Verify the current approved list before launch, security review, or any decision where model availability or retirement timing matters.

Azure OpenAI is the approved provider for internal and production application usage. Claude has limited approval only in the tool contexts called out by the AI COE. The AI COE source also points teams to Microsoft’s model lifecycle policy for retirement timing. Treat that as supporting context, not as approval to use an unlisted model.

Do not infer approval from public availability.

A model being available in a public tool, marketplace, or API does not make it approved for JM Family work. Use approved environments or request review before proceeding.

Snapshot of approved model guidance from the AI COE model list.

| Model | Status | Family | Environment | Retirement | Use case |
| --- | --- | --- | --- | --- | --- |
| GPT-4.1 | Approved | GPT-4 | Azure OpenAI | Oct 14, 2026 | General-purpose reasoning and conversation. |
| GPT-4o | Approved | GPT-4 | Azure OpenAI | Oct 1, 2026 | Multimodal text, vision, and audio use cases. |
| GPT-4o mini | Approved | GPT-4 Omni | Azure OpenAI | Oct 1, 2026 | Lightweight reasoning and cost-efficient tasks. |
| GPT 5-mini | Approved | GPT-5 | Azure OpenAI | Feb 6, 2027 | More demanding reasoning, correctness, and deeper logic. |
| GPT 5-nano | Approved | GPT-5 | Azure OpenAI | Feb 6, 2027 | Lower-cost summarization, classification, and light chat. |
| GPT 5-chat | Limited | GPT-5 | Azure OpenAI | TBD | Conversation, dialog consistency, and usability. |
| text-embedding-3-large / small | Approved | Embeddings | Azure OpenAI | Not listed | Semantic search and vector-based retrieval. |
| Claude family | Limited | Anthropic | Limited approved tools | Not listed | Limited to approved Microsoft 365, Copilot Studio, Claude Enterprise, and developer tooling contexts. |

AI product experience guardrails

Once a model and use case are allowed, the product still has to make AI understandable, reviewable, and recoverable for the person using it.

Tell users when AI is involved

Label AI-assisted output and make the system role clear. Do not make generated content look like manually verified system truth.

Let people review and revise output

Give users a way to inspect, edit, accept, reject, or regenerate AI output before it affects records, customers, or workflows.

Show sources when answers depend on retrieval

When an answer comes from knowledge retrieval, expose citations, source names, or enough context for the user to verify it.

Confirm high-impact actions

Do not let AI autonomously approve, delete, submit, send, or escalate high-impact work without a human confirmation step.

Design fallback and escalation states

AI features need loading, empty, low-confidence, unavailable, and error states that tell users what happened and what to do next.

Keep policy-sensitive decisions reviewable

AI output should not be final authority for legal, HR, financial, compliance, or customer-impacting decisions without review.

Data handling rules

The safest model choice can still fail governance if the inputs or outputs mishandle data. Product teams own the data path before and after model execution.

Protect sensitive data before submission

PII, financial, customer, proprietary, and regulated information must be redacted, tokenized, or otherwise protected before being submitted to an external API.

Handle outputs by classification

Model outputs inherit product context. Store, display, export, and audit them according to enterprise data classification standards.

Document before launch

Maintain enough documentation for audit and compliance. The AI decision record should make the model choice and risk posture reviewable later.

  • Model name and version
  • Deployment type
  • Prompt design approach
  • Intended use case
  • Risk assessment when applicable
  • Data classification and protection approach

Requires review

These choices are not approved for internal or production use unless AI COE and governance reviewers explicitly authorize them.

  • Foundation models from providers other than Azure OpenAI unless explicitly reviewed and approved.
  • Locally hosted or open-weight models such as Llama, Mistral, Phi, or Falcon without prior approval.
  • Public AI APIs that are not provisioned through JM Family-approved Azure subscriptions.
  • Custom fine-tuning, private model hosting, or non-OpenAI foundation models without AI Governance Committee approval.

When to check back

Approved model guidance changes as vendors release new models and older models approach retirement. Re-check guidance at these moments.

  • Regular governance review cadence
  • New Microsoft or OpenAI model releases
  • Model lifecycle or retirement announcements
  • A use case that needs an unlisted model, provider, hosting approach, or deployment type

Agent rules

Coding agents should treat these as hard stops before proposing or implementing AI features.

  • Use approved providers and environments by default.
  • Ask for review when a model, provider, hosting mode, or deployment type is not listed.
  • Never send sensitive data to an unapproved endpoint or public API.
  • Include model, version, prompt approach, use case, and risk notes in implementation docs.
  • Design the AI touchpoint so users can identify, review, and recover from generated output.
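
One way a coding agent or CI job could enforce these hard stops is a pre-flight check of the AI decision record against the snapshot table. This is an added example, not AI COE or design-system tooling; the record key names, the STOP/VERIFY labels, and the sample record are assumptions, and the snapshot data must be refreshed from the AI COE source list.

```python
from datetime import date

# Transcribed from this page's snapshot table (verify against the AI COE list).
# Value: (status, retirement date); None means "TBD" or "Not listed".
# The Claude family is omitted: it is limited to specific tool contexts.
SNAPSHOT = {
    "GPT-4.1": ("Approved", date(2026, 10, 14)),
    "GPT-4o": ("Approved", date(2026, 10, 1)),
    "GPT-4o mini": ("Approved", date(2026, 10, 1)),
    "GPT 5-mini": ("Approved", date(2027, 2, 6)),
    "GPT 5-nano": ("Approved", date(2027, 2, 6)),
    "GPT 5-chat": ("Limited", None),
    "text-embedding-3-large": ("Approved", None),
    "text-embedding-3-small": ("Approved", None),
}
# Fields from "Document before launch"; the key names are assumptions.
REQUIRED = ("model", "version", "deployment_type", "prompt_approach",
            "use_case", "data_classification", "data_protection")

def preflight(record, launch_date):
    """Return findings for one AI decision record; [] means no finding."""
    findings = []
    missing = [key for key in REQUIRED if not record.get(key)]
    if missing:
        findings.append("STOP: undocumented: " + ", ".join(missing))
    if record.get("environment") != "Azure OpenAI":
        findings.append("STOP: environment needs AI COE review")
    entry = SNAPSHOT.get(record.get("model"))
    if entry is None:
        findings.append("STOP: model not in approved snapshot")
        return findings
    status, retires = entry
    if status != "Approved":
        findings.append(f"STOP: status is {status}, confirm scope with AI COE")
    if retires is None:
        findings.append("VERIFY: retirement date not in snapshot")
    elif retires <= launch_date:
        findings.append(f"STOP: model retires {retires.isoformat()}")
    return findings

# Constructed sample record, not a real project.
SAMPLE = {"model": "GPT-4o", "version": "example", "environment": "Azure OpenAI",
          "deployment_type": "example", "prompt_approach": "system prompt",
          "use_case": "ticket summarization", "data_classification": "internal",
          "data_protection": "PII tokenized before submission"}

if __name__ == "__main__":
    print(preflight(SAMPLE, date(2026, 6, 1)))   # launch before retirement
    print(preflight(SAMPLE, date(2026, 11, 1)))  # launch after retirement
```

An empty result only means the record passed this snapshot; the AI COE approved model list remains the source of truth.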