Using Confluence as knowledge source in Copilot Studio bot works with basic authentication and open permissions to anyone as described in the previous blog post. What if you have restricted pages in Confluence and you don’t want the Copilot Studio bot tell the secrets to anyone using the bot and asking the correct questions. Then it is time to use the permission restricted Confluence Connector setting when creating the connector.
In the first demo I used basic authentication with my account but when testing permissions it is better to use the OAuth2 and create app in Confluence instead of persona API token.
Setup OAuth2 in Confluence
Confluence instructions tells to go to Developer console (atlassian.com) and create OAuth 2.0 integration.
Be sure to go to Granular scopes tab to get see the scopes mentioned in the instructions
Setup the authorization – instructions said anything about the authorization URL in the below
Finally go to settings and copy the client id and secret to create the connector in M365 admin
Create Connector using OAuth2 in M365
Go to Search & intelligence – Microsoft 365 admin center and click Add Connection, fill the data and click Authorize.
I’m using different account to create the connection and face this notification.
I had to go back to setting and change the distribution settins
Now it works but states incorrect scopes that are shared
It want’s to get scopes mentioned below – This app has requested Confluence API scopes that have not been added to the app. Missing: read:audit-log:confluence, read:content.metadata:confluence, read:page:confluence, read:permission:confluence, read:space:confluence.
I went back to configure the Confluence app and added all asked scopes
And then it started working – I clicked Accept
Once the connector has finished syncing, you could go to Copilot Studio side to take it into use.
Add connector to Copilot Studio bot
Go to Copilot Studio bot and add the connector, create new bot and follow previous post instructions or replace the connection from existing bot. Remember to delete first the existing connection from the bot.
TIP: If the connector does not have description, there is error adding it to the bot
Now the bot on the left in below picture finds answers about fishing and dragons which the account writing to bot has permissions. On the right there is account that does not have permission for Confluence articles does not get any replies with the same questions from the same bot. Links below the answer takes user to Confluence Cloud pages as it should be.