Is it possible to securely separate roles within a single Copilot Studio agent?

(0) Share

Report

Posted on by AK-06020900-0

Context:

We are building Copilot Studio agents for an industrial environment with safety‑critical machine operations.

There are two clearly defined roles: Coordinator and Team Leader.

Preferred design:

From an architectural and maintenance point of view, our preference is to use one single Copilot Studio agent

that supports both roles, instead of maintaining two separate agents.

Intended behavior:

- The Coordinator should have full access to the complete knowledge base and receive full technical output.

- The Team Leader should only receive a restricted subset of that information.

- Certain topics (machine settings, diagnostics, sensor alignment, logs, etc.) must never be exposed to Team Leaders

Question:

Is it possible to achieve a secure, hard separation between Coordinator and Team Leader

within a single Copilot Studio agent using instructions and knowledge configuration only?

Or is it recommended to create separate agents per role when dealing with safety‑critical or permission‑sensitive scenarios?

Categories:

General topics

I have the same question (0)

All responses (4)

Answers (1)

Verified answer

David_MA 14,090 Super User 2026 Season 1 on at

Like (0)

Report
Copy link

Link copied!

Is the knowledge source a SharePoint document library. If so, create two folders for the documents. Put the documents for the coordinator in one folder and the team leader in another. Then break inheritance on the folders and set the permissions accordingly. That would be the easiest thing to do.

If you add files to the agent in the knowledge, you could create file groups. You could give the file group instructions on when it should use it for responding, but that does not prevent the AI from accessing it like strict permission controls would through SharePoint.

Was this reply helpful? Yes No
AK-06020900-0 9 on at

Like (0)

Report
Copy link

Link copied!
Hi David_MA,

I’ve tested your proposal and wanted to share the outcome.

I tried to merge the two separate agents into one by using a single knowledge source in SharePoint, relying on folder-level permissions to control access instead of maintaining two agents.

SharePoint - Knowledge base:

Setup:

A Teamleader account with permission only to the TL folder

A Coordinator account with access to both folders and so the full knowledge base

The Copilot Studio setup:

Result:

When using the merged agent with the Teamleader test account, the agent is unable to return any answers

On the Coordinator side everything works fine

This happens regardless of whether the question clearly belongs to the TL or CO manual — the agent always responds that it cannot provide information on the topic

Important observation:

When I load only the TL files as the knowledge source within the merged setup, it still does not work.

However, when I create a separate agent using the TL account and configure its knowledge base to include only the TL folder, everything works perfectly fine

So it seems that combining the knowledge into one source and relying on SharePoint permissions prevents the agent from retrieving any usable knowledge for users(Team leaders) with restricted access.

Are there any configuration steps I'm missing?

Any help is welcome !

Was this reply helpful? Yes No
David_MA 14,090 Super User 2026 Season 1 on at

Like (0)

Report
Copy link

Link copied!

I will need to do some more testing to see if I can replicate what you describe. The account used to create the agent has access to all of the knowledge, correct? And then you are using the agent with two other accounts. Once account has access to everything and the other has access to limited content. If so, when the user interacts with the agent it should be respecting the permissions set on the data.

You can refer to this: Add SharePoint as a knowledge source - Microsoft Copilot Studio | Microsoft Learn. According to information I have been told at the Microsoft Power Platform Conference and elsewhere, the agent should be using the permissions of the person interacting with the agent. Do you have it configured as noted here:

Was this reply helpful? Yes No
AK-06020900-0 9 on at

Like (0)

Report
Copy link

Link copied!

Hi David_MA,

Thanks for the response!

Everything you mentioned above are set as default. Checked once again and the agent is configured on "Authenticate with Microsoft".

The agent itself is built using an account that acts as a Coordinator (M365 in Dutch), which therefore has full access to all knowledge sources.

For testing, I’m using a Teamleader (M365 in English) account that only has access to the TL folder in SharePoint, with limited access to the parent folders.

Note that the manuals used as knowledge sources are currently written only in Dutch.

So I feel like the Teamleader still can't reach the files on that knowledge base, as there're no references to the searched files in the output. Also the answers it's giving are far from correct.

A few example questions from the Teamleader(Not allowed to get info about):

Question from the Coordinator :

Teamleader(allowed to get info about):

Coordinator:

Was this reply helpful? Yes No