Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Action Required: SharePoint Connector Auth Upgrade

March 30, 2026

If your organization already uses the Microsoft SharePoint connector in Rovo, an admin needs to complete an updated authentication flow by April 2, 2026.

This now includes two admin actions:

  1. Grant admin consent for the updated SharePoint user app.

  2. Reauthorize the existing SharePoint connector.

Both steps usually take a few minutes. You do not need to create a Microsoft app registration, generate certificates, or manage client secrets.

TL;DR

  • Who: Existing SharePoint connector customers

  • What: Grant admin consent, then reauthorize the connector

  • When: By April 2, 2026

  • Why: Microsoft is retiring the legacy SharePoint auth path, and Rovo is moving to an updated Microsoft Entra-based flow

Why this is changing

We’re making two updates to how Rovo connects to SharePoint:

  • A more secure admin connection: Rovo is moving from the legacy Azure ACS-based setup to an Atlassian-managed Microsoft Entra app.

  • Expanded SharePoint understanding for Rovo: the updated user app permissions let Rovo understand more of SharePoint’s site and library structure, not just individual files, while continuing to maintain and respect permissions.

  • A simpler admin experience: no app registration, client secret, or certificate setup is required in the new flow.

This change aligns with Microsoft’s retirement of Azure ACS for SharePoint Online. See Microsoft’s announcement: Azure ACS retirement in Microsoft 365.

What happens if you don’t complete this

If you do not complete these steps by April 2, 2026, SharePoint connectors still using the legacy auth flow are expected to start failing and may stop syncing which will result in rovo reasoning over stale data.

Before you begin

  • You need access to Rovo connector management in Atlassian.

  • You also need a Microsoft admin who can grant tenant-wide consent and complete the Microsoft authorization flow. In many organizations this is a SharePoint admin or Global admin.

  • In some organizations, the Atlassian admin and the Microsoft admin are the same person. In others, this may require coordination between two admins.

What your admin needs to do

Sign into to admin.atlassian.com > Apps > AI Settings > Rovo

Select your active SharePoint connector, and from the actions menu select Manage, and from the popup select 

  1. Grant admin consent for the updated SharePoint app and check the box attesting it.  

  2. Reauthorize your existing SharePoint connector and complete the Microsoft OAuth screen.

Troubleshooting

  • I can access Rovo, but I can’t grant Microsoft consent: ask your Microsoft tenant admin, often a SharePoint admin or Global admin, to complete the Microsoft steps.

  • I granted consent, but users still don’t see the updated SharePoint experience: it can take a short time for changes to propagate. If needed, ask affected users to reconnect their Microsoft account later once your rollout guidance is confirmed.

  • Consent is blocked by policy: your security team may need to allow the Atlassian enterprise application and approve the requested read-only permissions.

  • The connector still shows auth errors after reauthorization: wait a few minutes, refresh the page, and try again. If the issue continues, contact Atlassian Support with the connector status and any visible error message.

FAQ

Are these permissions read-only?

Yes. The connector is read-only. It is used to index SharePoint content and structure so users can search and get answers in Rovo.

Does this give users access to SharePoint content they could not already open?

No. Rovo continues to respect SharePoint permissions. Users should only see content they already have access to in Microsoft 365.

Do all end users need to do something right away?

No immediate end-user action is required. Users will later be asked to reconnect their Microsoft account to pick up the updated SharePoint permissions.

Why is Atlassian making this change now?

This update improves security, removes legacy setup burden for admins, and aligns the connector with Microsoft’s modern authentication model for SharePoint Online.

Comment
Watch
Like # people like this
254 views

0 comments

Recommended Learning For You

Level up your skills with Atlassian learning

Make AI a part of the team

Avoid common AI pitfalls and follow best practices to make AI work for your team.

25m Beginner
Free

Learning Path

Get the most out of Rovo

Learn how to use Rovo, Atlassian's AI-powered product, to find, learn, and act on information faster.

2.5h Beginner
Free

Use Rovo across your organization

As an Atlassian organization admin, learn the capabilities of Rovo and how to enable it across products.

15m Advanced
Free

Comment

Log in or Sign up to comment
Chait Donthini

Chait Donthini

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

1 post

View profile
groups-icon
Atlassian AI & Rovo
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security