FAQs

1) What is a Microsoft Entra application, and why is it needed?

A Microsoft Entra application is used to authenticate the Copilot Agent and SharePoint Online index with Azure AI Search. It ensures secure access to your SharePoint data.

2) What are the naming rules for the Azure AI search service?

Naming Guidelines for Azure AI Search Services in the Azure Portal

• The name must be unique within the search.windows.net namespace.

• Use 2 to 60 characters.

• Only lowercase letters, digits, and dashes (-) are allowed.

• Do not use dashes as the first two characters or the last character.

• Only lowercase letters, digits, and dashes (-) are allowed.o not use dashes as the first two characters or the last character.

• Avoid consecutive dashes.

3) What permissions are required for the Microsoft Entra application?

The app requires specific permissions across three services:

• Microsoft Graph (Application permissions): AuditActivity.Read, Directory.ReadAll, AuditLog.ReadAll, Files.ReadAll, Group.ReadAll, Site.ReadAll, User.ReadAll, SharePointTenantSetting.ReadAll

• SharePoint (Application & Delegated permissions): AllSite.Read, Site.ReadAll, User.ReadAll, Site.SearchAll

• Office 365 Management API (Application permissions): ActivityFeed.Read, ActivityFeed.ReadDlp, ServiceHealth.Read

Tip: Tenant admin consent is required for application permissions and, in some cases, delegated permissions.

4) Can multiple tenants use the same application registration?

No. The Microsoft Entra application must be created in the same tenant as your SharePoint.

5) What should I do if I encounter permission errors during indexing?

• Verify that the Microsoft Entra application has all required API permissions.

• Ensure admin consent has been granted for the application or delegated permissions.

• Check that the client secret is valid and not expired