Skip to main content

Notifications

Announcements

🌸 Community Spring Festival 2025 Challenge & Updates🌸
Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Copilot Studio - General / Connecting Copilot Age...
Copilot Studio - General
Answered

Connecting Copilot Agent with Manual Authentication to SharePoint

(1) ShareShare
ReportReport
Posted on by SM-14041908-0 4
Hi everyone,
I'm trying to connect a Copilot agent with manual authentication to a SharePoint instance. I've attempted to set up login SSO using Microsoft B2C AD, but it still prompts me to log in. Additionally, I want to restrict users to access only the SharePoint sites they are authenticated to access and not all, hence I won't be able to grant the Sites.Read.All scope because all of our data lives there.
What is the best way to ensure that the logged-in Entra user can only access specific SharePoint folders on my canvas app registration?
Has anyone faced similar issues or have any suggestions on how to improve this setup?
Thanks in advance!

EDIT: Adding additional question asked from replies for better readability
My SharePoint is in a different tenant than the app registration, and I want to provide selective access to users. Will adding the "Sites.Selected" scope in the chat canvas app registration work?

Additionally, whenever I try to access this agent via the Direct Line API in my custom app it is able to answer genera questions but for any question related to the SharePoint knowledge, I get an "action not supported" error, although the integration works fine in the test preview console.

My authentication is custom OAuth pointing to the tenant where the app registration is, and I would like to use SSO in the future.
Categories:
General
  • Verified answer
    juangonzalezAuc Profile Picture
    juangonzalezAuc 80 on at
    Connecting Copilot Agent with Manual Authentication to SharePoint
    --edit: I just read your second message and I think Copilot studio with Sharepoint Knowledge is not the way to go
    For Copilot Studio to work with Sharepoint access your users need to exist on the same tenant than your sharepoint and they need to be logged in.
    Your requirement would need a custom development in my opinion. 
    We've done it with Azure AI, AI Search and Security groups filtering the Search AI results by the access each group has configured in a custom table and then sending them to the model but this is also with logged users
    I don't see a clear way to implement it with Copilot Studio.
     
    Previous answer, valid for logged users on the same tenant.
    So if you want users to access any site they have permission to, using Sites.Read.All with delegated permissions is the right approach.



    The bot will only respond with information from sites that are both part of its knowledge base and accessible to the user.



    I don't believe you're facing a real issue at the moment.



    The same applies to specific folders—just select the folder within the site rather than the entire site for your knowledge.



    We separate access to folders based on the triggered topic, but users can only access files from sites they already have permissions for.



  • SM-14041908-0 Profile Picture
    SM-14041908-0 4 on at
    Connecting Copilot Agent with Manual Authentication to SharePoint
    My SharePoint is in a different tenant than the app registration, and I want to provide selective access to users. Will adding the "Sites.Selected" scope in the chat canvas app registration work?

    Additionally, whenever I try to access this agent via the Direct Line API in my custom app it is able to answer genera questions but for any question related to the SharePoint knowledge, I get an "action not supported" error, although the integration works fine in the test preview console.

    My authentication is custom OAuth pointing to the tenant where the app registration is, and I would like to use SSO in the future.
  • ronaldwalcott Profile Picture
    ronaldwalcott 3,497 on at
    Connecting Copilot Agent with Manual Authentication to SharePoint
    See Add SharePoint as a knowledge source - Microsoft Copilot Studio | Microsoft Learn on how to add SharePoint as a knowledge source.
    You also have to set permissions on the SharePoint site for the users. They will only be able to get answers from the content that they have access to in the SharePoint site. You can use groups to define the access.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🌸 Community Spring Festival 2025 Challenge & Updates🌸
Replay: Power Platform Community AMA - Copilot Studio | April
Welcome to the Power Platform Communities

Quick Links

🌸 Community Spring Festival 2025 Challenge 🌸

WIN Power Platform Community Conference 2025 tickets!

Markus Franz – Community Spotlight

We are honored to recognize Markus Franz as our April 2025 Community…

Kudos to the March Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 146,631 Most Valuable Professional

#2
RandyHayes Profile Picture

RandyHayes 76,287 Super User 2024 Season 1

#3
Pstork1 Profile Picture

Pstork1 65,964 Most Valuable Professional

Leaderboard

Featured topics

Generative orchestration updates coming to Microsoft Copilot Studio! 
Please Read for Updates on Forums & Blogs
Tips & tricks for using the Power Virtual Agents Boost Conversational Coverage Preview

Product updates

Microsoft Power Platform Community release plans