Prerequisite
Create an Azure AI Search Service in the Azure Portal
Navigate to Create Azure AI Resource
Open your browser and go to the Azure portal: https://portal.azure.com
Sign in with your Azure account credentials
In the upper-left corner of your dashboard, select Create a resource.
Use the search box to find Azure AI Search
Configure Basic Settings
When setting up the search service, you will be asked to provide the following details:
Subscription:
Select the Azure subscription under which the search service will be created.
If multiple subscriptions are available, choose the one you want to associate with this search service
Resource Group:
Choose an existing resource group or create a new one.
A resource group is a logical container that organizes related Azure resources.
Use it to manage and consolidate resources for the same solution, monitor associated costs, and track the creation date of your search service.
Service name
Enter a unique name for your search service. This name becomes part of the service endpoint used for API calls, for example: https://your-service-name.search.windows.net
Example: If you enter myservice, the endpoint will be: https://myservice.search.windows.net
Naming Guidelines for Azure AI Search Services in the Azure Portal
i. The name must be unique within the search.windows.net namespace. ii. Use 2 to 60 characters. iii. Only lowercase letters, digits, and dashes (-) are allowed. iv. Do not use dashes as the first two characters or the last character. v. Avoid consecutive dashes.
Region: Choose the Azure region for your service. Ensure it supports the features required for your use case.
Pricing tier: Select the appropriate pricing tier (Free, Basic, or higher) based on your capacity and feature requirements. Each tier has its own capacity and limits.
Create your service: After entering all required details, click Create to provision your search service.
Create a Microsoft Entra application registration
The SharePoint Online index and Copilot Agent – InoWiz use a Microsoft Entra application for authentication. Ensure that this application is registered in the same tenant as Azure AI Search.
Sign in and create the application:
Sign in to the Azure portal.
Navigate to Microsoft Entra ID (or search for it), then select Add > App registrations.
Select + New registration and provide the following:
Name: Enter a descriptive name for your app. Supported account type: Select Single tenant. Redirect URI: Skip this step; no URI is required.
Click Register to create the application.
Assign API Permissions
In the app’s navigation pane, go to Manage > API permissions and select Add a permission.
Assign the following permissions:
Microsoft Graph - Application Permission:
AuditActivity.Read
Directory.ReadAll
AuditLog.ReadAll
Files.ReadAll
Group.ReadAll
Site.ReadAll
User.ReadAll
SharePointTenantSetting.ReadAll
SharePoint - Application Permission:
AllSite.Read
Site.ReadAll
User.ReadAll
SharePoint - Delegated Permission:
Site.SearchAll
User.ReadAll
Office 365 Management API - Application Permission:
ActivityFeed.Read
ActivityFeed.ReadDlp
ServiceHealth.Read
After adding the permissions, grant admin consent if required.
Tenant admin consent is required for application API permissions.
Some tenants may also require admin consent for delegated permissions.
Create a Client Secret (for Application API Permissions)
To authenticate using application permissions, the Azure AI Search Index and InoWiz Agent require a client secret.
In the app menu, go to Certificates & Secrets > Client secrets > New client secret.
Enter a description for the secret and adjust the expiration if necessary.
After creating the secret, copy it immediately and store it securely. Once you leave the page, the secret will no longer be visible.
Create Data Source, Index, and Indexer in Azure AI Search
Once you have created the Azure AI Search service, the next step is to configure the data source, index, and indexer.
You can easily perform this setup using the Postman collection provided.
Simply enter the required input values while executing the collection.
Inside the collection, navigate to the Variables tab, where you can provide the necessary input details for the data being requested.
Below is the table to find all the input data:
i) AzureAISearchBaseURL:
• Sign in to the Azure Portal. • Navigate to Azure AI Search Service → Overview. • Copy the URL listed here. This will be your AzureAISearchBaseURL.
ii) AzureAISearchAPIKey:
• In the Azure Portal, go to your Azure AI Search Service → Settings → Keys. • Copy either the Primary Key or Secondary Key. This will be your AzureAISearchAPIKey.
iii) AISearch-datasource-name: Decide a custom name for your SharePoint data source.
iv) Applicationid:
In the Azure Portal, go to App Registrations → Your App → Overview.
Copy the Application (Client) ID. This will be your Applicationid.
v) Application-secret:
Go to Azure Portal → App Registrations → Certificates & Secrets.
Create or copy the existing Client Secret.
vi) SharePoint-site-Url:
Open your SharePoint Site in a web browser.
Copy the full Site URL.
vii) Tenantid:
In the Azure Portal, go to App Registrations → Overview.
Copy the Directory (Tenant) ID.
viii) Library-name:
Navigate to your SharePoint Site Library.
Copy the Library URL.
If you need a second library, repeat the same process.
ix) Library-name2: If you need a second library, repeat the same process.
x). AISearch-Indexer-name: Choose a custom name for your indexer.
xi). AISearch-Index-name: Choose a custom name for your search index.
Note: Remember this name, you’ll need it later when running the indexer.
Enable Audit Logs (Required for Copilot Agent)
If you haven’t already enabled audit logs, the Copilot Agent will display the message: “Audit Log Not Enabled.”
To fix this:
Go to admin.microsoft.com.
In the left panel, scroll down, select “Show All”, and then select Microsoft Purview.
In the Purview portal:
Look for the Audit solution.
If it isn’t on the homepage, click View all solutions → Audit.
On the Audit page, you will see a banner message: “Start recording user and admin activity.”
Click on it to enable audit logging.
For any queries, reach out to us at [email protected]
Last updated
Was this helpful?