Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Action Required: SharePoint Connector Auth Upgrade

March 30, 2026

If your organization already uses the Microsoft SharePoint connector in Rovo, an admin needs to complete an updated authentication flow as soon as possible.

This now includes two admin actions:

  1. Grant admin consent for the updated SharePoint user app.

  2. Reauthorize the existing SharePoint connector.

Both steps usually take a few minutes. You do not need to create a Microsoft app registration, generate certificates, or manage client secrets.

TL;DR

  • Who: Existing SharePoint connector customers

  • What: Grant admin consent, then reauthorize the connector

  • When: ASAP

  • Why: Microsoft is retiring the legacy SharePoint auth path, and Rovo is moving to an updated Microsoft Entra-based flow

Why this is changing

We’re making updates to how Rovo connects to SharePoint:

  • A more secure admin connection: Rovo is moving from the legacy Azure ACS-based setup to an Atlassian-managed Microsoft Entra app.

  • Expanded SharePoint understanding for Rovo: the updated user app permissions let Rovo understand more of SharePoint’s site and library structure, not just individual files, while continuing to maintain and respect permissions. This functionality requires the admin consent. 

  • A simpler admin experience: no app registration, client secret, or certificate setup is required in the new flow.

This change aligns with Microsoft’s retirement of Azure ACS for SharePoint Online. See Microsoft’s announcement: Azure ACS retirement in Microsoft 365.

What happens if you don’t complete this

SharePoint connectors still using the legacy auth flow may stop syncing which will result in rovo reasoning over stale data. It is best to complete the re-auth and grant admin consent, to ensure the sync is functioning as expected. 

Before you begin

  • You need access to Rovo connector management in Atlassian admin hub.

  • You also need a Microsoft admin who can grant tenant-wide consent and complete the Microsoft authorization flow. In many organizations this is a SharePoint admin or Global admin.

  • In organizations where the Atlassian admin and the Microsoft admin are different persons, this may require coordination between the two admins.

What your admin needs to do

Sign into to admin.atlassian.com > Apps > AI Settings > Rovo

Select your active SharePoint connector, and from the actions menu select Manage, and from the popup select 

  1. Grant admin consent for the updated SharePoint app and check the box attesting it.  

  2. Reauthorize your existing SharePoint connector and complete the Microsoft OAuth screen.

Troubleshooting

  • I can access Rovo, but I can’t grant Microsoft consent: ask your Microsoft tenant admin, often a SharePoint admin or Global admin, to complete the Microsoft steps. You can share the consent URL and the authorization URL with them to complete these steps. Or if enabled, you can request it directly from the Microsoft OAuth page. 

  • I granted consent, but users still don’t see the updated SharePoint experience: it can take a short time for changes to propagate. If needed, ask affected users to reconnect their Microsoft account later once your rollout guidance is confirmed.

  • Consent is blocked by policy: your security team may need to allow the Atlassian enterprise application and approve the requested read-only permissions.

  • The connector still shows auth errors after reauthorization: wait a few minutes, refresh the page, and try again. If the issue continues, contact Atlassian Support with the connector status and any visible error message.

FAQ

Are these permissions read-only?

Yes. The connector is read-only. It is used to index SharePoint content and structure so users can search and get answers in Rovo.

Does this give users access to SharePoint content they could not already open?

No. Rovo continues to respect SharePoint permissions. Users should only see content they already have access to in Microsoft 365.

Do all end users need to do something right away?

No immediate end-user action is required. Users will later be asked to reconnect their Microsoft account to pick up the updated SharePoint permissions.

Why is Atlassian making this change now?

This update improves security, removes legacy setup burden for admins, and aligns the connector with Microsoft’s modern authentication model for SharePoint Online.

Comment
Watch
Like # people like this
1882 views

4 comments

Darryl Lee
Darryl Lee
Community Champion
May 12, 2026

Hi @Chait Donthini  - I have a suggestion:

You use pop-ads to annoy users and admins daily to ask them connect to Teams/Sharepoint/Google Drive whether their organization has it or not.

For example, we do not use Teams, and yet I see this: image.png

How about you use that mechanism to make Admins aware of important announcements like this?

I know that is to all users, but I also know that Admins receive suggestions to add new Connectors to Rovo. Connectors for tools we may not even have. THAT would be a good place to "advertise" this change.

I know AI is the new hotness, but this group only has 4,130 members. It's incredibly doubtful that all the admins of 40,000+ Jira/Confluence sites will see this.

I realize Atlassian's release and documentation process must be incredibly convoluted to force PMs to make their important product announcements on a Community Forum but as this appears to be a breaking change, I urge you to be the squeaky wheel on behalf of your SharePoint Connector customers, and try to make a change to improve this.

This seems like it would be backed up by Atlassian's values:

  • Be the change you seek
  • Don't #@!% the customer
  • Open company, no bullshit

Thanks!

Like
Darryl Lee
Darryl Lee
Community Champion
May 12, 2026

Ah, I didn't have to look hard to find this:

image.png

That would be a perfect place to put a link to (sigh) this post:

Here, let me mock it up for you:
image.png

Like Josh likes this
Darryl Lee
Darryl Lee
Community Champion
May 13, 2026

Ohey, I just got an email for my One Atlas test site, and it seems like this would be another great channel to reach out to Admins to warn them about this (as opposed to, or in addition to this forum):

image.png

Like
Darryl Lee
Darryl Lee
Community Champion
May 13, 2026

@Lacy Saute notes that on her site she did get these helpful pop-ups in Admin Hub. That's great news!

image.png

image.png

Because we only enabled the SharePoint connector about 2-3 weeks ago, perhaps we're already on the new connector? Hrm...

  • Expanded SharePoint understanding for Rovo: the updated user app permissions let Rovo understand more of SharePoint’s site and library structure, not just individual files, while continuing to maintain and respect permissions. This functionality requires the admin consent. 

@Chait Donthini - somebody at Team '26 recommended I talk to you about this very thing, because it looks like our current SharePoint Connector does not scan or index Folders. Ok, I'll work with our SharePoint team to hopefully get this re-authenticated.

Although... we are not getting these alerts.

Also, we did not get an email like Lacy got:

image.png

Like

Recommended Learning For You

Level up your skills with Atlassian learning

Make AI a part of the team

Avoid common AI pitfalls and follow best practices to make AI work for your team.

25m Beginner
Free

Learning Path

Get the most out of Rovo

Learn how to use Rovo, Atlassian's AI-powered product, to find, learn, and act on information faster.

2.5h Beginner
Free

Use Rovo across your organization

As an Atlassian organization admin, learn the capabilities of Rovo and how to enable it across products.

15m Advanced
Free

Comment

Log in or Sign up to comment
Chait Donthini

Chait Donthini

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

1 post

View profile
groups-icon
Atlassian AI & Rovo
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security