You created an access policy for your Copilot Studio agent, but users report that the restrictions are not enforced. The policy appears correct in the settings, yet agents still access data or perform actions that the policy should block. This problem usually stems from policy inheritance, scope misconfiguration, or a missing publish step. This article explains why the policy fails to apply and provides the exact steps to fix it.
Key Takeaways: Fixing Copilot Studio Agent Access Policies
- Copilot Studio > Settings > Security > Access policies: The correct location to define who can use the agent and what data they can access.
- Publish after policy change: Policies do not take effect until you publish the updated agent version.
- Check policy scope: Policies apply to specific environments or agent versions; verify the scope matches your deployment.
Why the Access Policy Does Not Apply
Copilot Studio access policies control authentication, data sources, and user permissions for agents. When a policy does not apply, one of these root causes is usually responsible:
Policy Inheritance from Parent Environment
Copilot Studio agents inherit access policies from their parent environment in Microsoft Dataverse. If you set a policy at the agent level but the environment-level policy is more restrictive or has conflicting rules, the agent-level policy may be overridden. The agent will then apply the environment policy instead of your custom one.
Unpublished Agent Version
Access policies are part of the agent configuration, not a separate system setting. You must publish the agent after changing the policy. An unpublished draft means the policy exists in the editor but is not deployed to the runtime. Users interacting with the published agent will not see the new restrictions.
Scope Misconfiguration
Policies can be scoped to specific user groups, authentication types, or data connections. If the scope excludes the users or scenarios you intended to restrict, the policy will appear to do nothing. For example, a policy that blocks access to SharePoint data only applies when the agent uses a SharePoint connector. If the agent uses a different connector, the policy never triggers.
Steps to Re-Apply and Verify the Access Policy
Follow these steps in order to ensure the policy is correctly configured, published, and enforced.
- Open the agent in Copilot Studio
Sign in to Copilot Studio with an account that has the System Administrator or System Customizer role. From the home page, select the agent that is not enforcing the policy.
- Go to Settings > Security > Access policies
In the left navigation, click Settings, then select Security. Under the Security section, click Access policies. You will see a list of existing policies for this agent.
- Review the policy details
Click the policy name to open its configuration. Verify the following:
– Scope: Is the policy set to apply to All users or a specific Security group? If it targets a group, confirm the group contains the correct members.
– Conditions: Check the conditions for data access. For example, if the policy blocks access to certain SharePoint sites, ensure those sites are listed correctly.
– Action: Confirm the action is set to Block or Allow as intended. A policy set to Allow will not block anything.
- Check for conflicting environment-level policies
In the same Copilot Studio environment, go to Settings > Security > Access policies at the environment level (not the agent level). Look for any policy that might override your agent policy. Environment-level policies apply to all agents in that environment. If you find a conflicting policy, you have two options:
– Modify the environment policy to remove the conflict.
– Change the agent policy to be more restrictive than the environment policy. Agent policies always take precedence when they are more restrictive.
- Save and publish the agent
After making any changes to the policy, click Save in the top right of the policy editor. Then return to the agent overview page. Click the Publish button. A confirmation dialog appears. Select Publish again to deploy the updated agent with the new policy.
- Test the policy with a non-admin user
Open the agent in a separate browser session logged in as a standard user account. Try to access the data or perform the action that the policy should block. If the policy blocks access, you see an error message or the agent refuses the request. If the policy still does not apply, repeat steps 1 through 5 and verify the scope and conditions again.
If the Policy Still Does Not Apply
If you followed the steps above and the policy remains unenforced, check these additional failure patterns.
The agent uses a custom connector that bypasses policy
Access policies in Copilot Studio apply to built-in connectors and Microsoft Graph data sources. Custom connectors and direct API calls may not be subject to the same policy engine. To enforce restrictions on custom connectors, you must implement authentication and authorization logic inside the connector itself. Review the custom connector’s code or configuration to add policy-like checks.
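One way to put policy-like checks inside the service behind a custom connector, shown as an added example that is not Copilot Studio or connector code from this article. It assumes the caller's Microsoft Entra ID token has already been validated upstream and that it carries the `oid` and `groups` claims; the function names, group ID, and site URLs are constructed placeholders.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed policy for illustration: group ID and site URL are placeholders.
POLICY = {
    "allowed_groups": {"11111111-aaaa-4bbb-8ccc-000000000001"},
    "blocked_sites": ["https://contoso.example/sites/finance"],
}

def _normalize(url):
    """Canonical (scheme, host, path) so that encoding, case, '..' and
    duplicate slashes cannot be used to dodge the blocked-site match."""
    parts = urlsplit(url.strip())
    path = posixpath.normpath(unquote(parts.path) or "/")
    path = "/" + path.lstrip("/")  # normpath keeps a leading '//'
    return parts.scheme.lower(), parts.hostname or "", path.lower()

def _is_under(resource_url, site_url):
    """True when the resource is the site itself or a path below it."""
    r_scheme, r_host, r_path = _normalize(resource_url)
    s_scheme, s_host, s_path = _normalize(site_url)
    if (r_scheme, r_host) != (s_scheme, s_host):
        return False
    # Compare on a path-segment boundary: /sites/finance-public must not match.
    return r_path == s_path or r_path.startswith(s_path.rstrip("/") + "/")

def authorize(claims, resource_url, policy=POLICY):
    """Deny-by-default check. Returns (allowed, reason).
    `claims` must be the payload of an already validated token."""
    if not claims or not claims.get("oid"):
        return False, "anonymous caller"
    if not set(claims.get("groups", [])) & policy["allowed_groups"]:
        return False, "caller not in an allowed group"
    for site in policy["blocked_sites"]:
        if _is_under(resource_url, site):
            return False, "resource is under blocked site"
    return True, "allowed"

if __name__ == "__main__":
    member = {"oid": "user-1", "groups": ["11111111-aaaa-4bbb-8ccc-000000000001"]}
    for url in ("https://contoso.example/sites/finance/q3.xlsx",
                "https://contoso.example/sites/finance-public/readme.txt"):
        print(url, authorize(member, url))
```

Log the returned reason with each denial so that connector-side blocks can be told apart from blocks made by the platform policy.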
Policy applies to a different agent version
If you have multiple versions of the same agent deployed to different channels, verify that the policy is applied to the correct version. In Copilot Studio, go to Settings > Versions. Check which version is active on each channel. If a channel uses an older version, publish the latest version to that channel. You can also delete old versions to avoid confusion.
User authentication type does not match the policy condition
Some policies require a specific authentication method, such as Microsoft Entra ID or anonymous access. If the policy is set to block anonymous users but the agent allows anonymous access, the policy cannot apply. Change the agent’s authentication settings in Settings > Security > Authentication to match the policy condition. For example, set authentication to Microsoft Entra ID only if the policy targets authenticated users.
| Item | Agent-Level Policy | Environment-Level Policy |
|---|---|---|
| Scope | Applies only to this agent | Applies to all agents in the environment |
| Override behavior | More restrictive rules override environment policy | Less restrictive rules are overridden by agent policy |
| Configuration location | Copilot Studio > Agent > Settings > Security > Access policies | Power Platform admin center > Environments > [Environment] > Settings > Security > Access policies |
| Requires publish | Yes | No, takes effect immediately |
| Best for | Fine-grained control per agent | Baseline security for all agents |
After correcting the policy, you can now enforce data access and user restrictions for your Copilot Studio agents. Next, review the authentication settings for each agent to ensure they align with your policy conditions. As an advanced tip, use the Power Platform admin center audit logs to track when a policy was last modified and by whom, which helps identify accidental changes that disable enforcement.