Hi @Jorziño Barradas,
After reviewing the official article, I would like to share that users cannot use SharePoint agents or Copilot to bypass SharePoint permissions. SharePoint agents respond based on the requesting user’s own permissions to the underlying SharePoint data, and if a user does not have permission to the site, library, folder, or file, that restricted content should not be included in the agent’s response.
It is also important to distinguish between access to the agent and access to the content behind the agent. The .agent file controls who can access or edit the agent itself, but the user’s permissions to the referenced SharePoint sources still determine what information can actually be returned in chat. In other words, sharing an agent does not automatically grant access to all of its source content.
So, in the scenario you described, if a user does not have permission to the SharePoint site or the underlying files, they should not be able to use an agent to retrieve that content.
For your second concern, using site membership, folder or file permissions, and sensitivity labels / DLP is the valid direction. However, whether the site is fully protected also depends on the overall sharing model, because Copilot and agents respect the permissions and sharing settings that already exist. If content is already overshared, Copilot can also surface that content to users who already have access.
In practice, site or group membership remains the main security boundary, folder and file permissions are valid controls, and sensitivity labels with Microsoft Purview DLP can help prevent selected files from being used in agent responses. For more sensitive scenarios, it may also be worth reviewing Restricted Access Control (RAC) and Restricted Content Discovery (RCD) as additional governance controls.
Additionally, if you want more tenant-specific best-practice guidance for your environment, I would also suggest opening a support ticket from the Microsoft 365 admin center and routing it to the SharePoint support team, as they can review your scenario more closely and provide more tailored guidance for your permissions design and Copilot concerns.
- For detailed instructions on how to get support, please refer to Get support - Microsoft 365 admin.
- In case you do not know who your IT admin is, kindly refer to this article: How do I find my Microsoft 365 admin? - Microsoft Support.
I hope the information above helps clarify your concerns. If you need any further assistance, please feel free to reply.
Wishing you a good day ahead.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.