web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Copilot Studio / Can Restricted SharePo...
Copilot Studio
Answered

Can Restricted SharePoint Knowledge Be Queried Through a Copilot Agent Using a Service Account?

(2) ShareShare
ReportReport
Posted on by YJ-02010636-0 28
Is it possible to add a SharePoint knowledge base that has restricted access, yet still allow users of the Copilot agent to query and retrieve results from that SharePoint content — potentially by using a service account?
 
Currently, users who don’t have permission to the SharePoint site receive this error when the agent tries to retrieve information:

 
We understand that granting read access to all users would resolve the issue. However, we want to avoid giving broad read permissions across the company or manually sharing access with large groups of people, as this is not scalable or manageable.
Categories:
Building Copilot Studio chatbots in Microsoft Teams
I have the same question (1)
  • Michael E. Gernaey Profile Picture
    Michael E. Gernaey 53,960 Moderator on at
     
    Logistically yes, if you built the flow and set it so the connection to SharePoint is specifically using that account for all access. Make sure to share the connection, make sure to set the flow you are using to access SharePoint, to use the "users" connection versus the user who is logged in.
     

    If these suggestions help resolve your issue, Please consider Marking the answer as such and also maybe a like.

    Thank you!
    Sincerely, Michael Gernaey
  • YJ-02010636-0 Profile Picture
    YJ-02010636-0 28 on at
    Hi Michael
     

    Thanks so much for the suggestion! I explored using Power Automate for this, but the challenge is that the available SharePoint connectors aren’t able to read or index the content in my SharePoint Knowledge Base with the same depth or quality as the “Add knowledge” ingestion pipeline in Copilot Studio.

     

    While the SharePoint actions in Power Automate (like Get file, Get items, or HTTP request) can retrieve raw files or list data, they don’t provide the semantic processing that the Knowledge feature performs automatically—things like intelligent parsing, chunking, and embedding the content for high‑quality retrieval. Because of that, the search accuracy and user experience from a flow can’t really match how the Knowledge connector understands and answers questions.

     

    So even though a service‑account connection could work for basic retrieval, it doesn’t give the same results as the built‑in Knowledge ingestion, which is why the permissions limitation is still the main blocker in this scenario.

  • Suggested answer
    Liam O Grady Profile Picture
    Liam O Grady 28 on at
    No, Copilot Studio can’t use a service account to bypass SharePoint permissions when you are using it as a "knowledge source".
    If a user doesn’t have read access to the SharePoint site or library, the agent won’t return content from it. That’s expected and by design.
     
    However, there are workarounds.
     
    1. Use a Power Automate sync
    Rather than querying SharePoint at runtime, you can use a Power Automate flow (running as a service account) to sync the restricted library into the agent’s knowledge. Once synced, the content behaves the same as if you’d uploaded the files directly to Copilot Studio.
     
    This means:
    - No need to grant broad SharePoint read access
    - No per-user permission checks at runtime
    - Fully manageable and scalable
     
    This pattern is actually built into the Copilot Studio Kit (if you haven't heard of it google it), so you don’t have to build it from scratch yourself.
     
    2. Use Azure AI Search
    If you need a more advanced solution for large volumes of documents, metadata filtering, or more control over ingestion), you can index the SharePoint content into Azure Al Search using a service account. Copilot Studio can then query the search index instead of SharePoint directly.
     
    This can be more expensive to run and operate, but typically gives better retrieval quality and more control compared to native knowledge sources.
     
    Hope that helps 👍
  • Verified answer
    ChiragD Profile Picture
    ChiragD 16 on at
    There are two ways to bypass this limitation

    1. Take all the files from SharePoint and import all of them 1 by 1 in the agent by using the "add knowledge" button. This is the simplest one and would not require any set up. This is also recommended if the number of files is low and they are not going to change for a long time.
     
    2. Export everything from SharePoint to dataverse. Dataverse is already included in your current plan if you are building using copilot studio, so there will be no extra cost. You will need to some preprocessing, like (Extract → Normalize → Store → Index) before exporting everything to dataverse. You can add dataverse as a knowledge base to the agent and it will not require the current users credentials to access it. It will use the creators credentials.
     
    using service accounts is not supported in copilot studio. It will use the users credentials to determine whether the user has permissions to access the documents. It is made by design and will not be included anytime soon. I would suggest to go for one of the two ways mentioned above.
     
    If these suggestions help resolve the issue, please consider Marking the answer
     
    Thanks
    Chirag
  • Michael E. Gernaey Profile Picture
    Michael E. Gernaey 53,960 Moderator on at
    actually I do not know why anyone is saying you cannot use a service account because you can, if the flows themselves are setup to run that way you can. Service accounts are simply regular accounts.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the February Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Copilot Studio

#1
Valantis Profile Picture

Valantis 297

#2
Romain The Low-Code Bearded Bear Profile Picture

Romain The Low-Code... 184 Super User 2026 Season 1

#3
Arild Aarnes Profile Picture

Arild Aarnes 51 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Announcing the "Microsoft Copilot Studio ❤️ MCP" lab
Block PII/PCI in Copilot Studio agent user prompt
Welcome to the Copilot Studio forum!

Product updates

Microsoft Power Platform Community release plans